UNDER ATTACK? CALL US

THANK YOU FOR YOUR INTEREST IN NSFOCUS REPORTS​

2026 Botnet Trend Report

In 2025, the global geopolitical situation was complex and changeable, and the strategic game in cyberspace continued to escalate simultaneously, driving the iterative evolution of the cyber attack arsenal. As the core infrastructure of cyber attacks, botnets have shown profound strategic changes and unprecedented complexity in their technical paradigms, operating models and attack targets.

Future Trends:

  • AI attack and defense spiral acceleration: Attackers will use generative AI more deeply to participate in vulnerability mining, highly personalized phishing attack payload generation and other full-link attacks.
  • Transformation to infrastructure and stealth revolution: Proxy botnets will complete the transformation from “attack tools” to “criminal Internet core infrastructure”.
  • Mobile threats become “super entry”: The scale of mobile botnets represented by Android large-screen devices (TVs, set-top boxes) will continue to expand.
  • DDoS-as-a-Service and scenario-tailored attacks: Targeted attacks similar to the “DDoS attack method” provided by the Poxiao group and Httpbot will be richer and more sophisticated.
  • Cover and leverage of APT network operations: APT groups with national backgrounds may rent or manipulate more black and gray industry botnet infrastructure to enhance the stealth and deniability of their actions.
NSFOCUS
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.