Botnet attacks increase by 34% in a year

According to statistics, from January to August 2025, hackers began to use botnets 34% more often compared to the same period last year. Botnets are computer networks consisting of many infected devices that are controlled remotely. Informzashchita specialists note that this approach allows attackers to scale and automate attacks, making them more destructive.

Botnets are created using special malware that provides remote control of devices and unites them into a common network. Most often, these networks are used to organize DDoS attacks - they account for 63% of the total number of incidents. Botnets are also used for phishing mailings - 29%, and for distributing malware - 7%.

The most frequently attacked companies using botnets are those in the e-commerce and retail sectors — about 30% of all attacks. The financial sector accounts for 22% of attacks, the telecommunications sector — 18%, and the state and municipal sector — 11%. In these sectors, attackers mainly seek to disrupt the stability of online services, where distributed networks are especially effective.

"Botnets allow large-scale attacks, while they can be controlled by very small teams or even one person. Since the network is distributed, devices can be in completely different places, it can be difficult to detect the source of the attack. The most important thing for attackers is that they do not need to purchase equipment; bots are devices of ordinary users who may not even suspect that their computer is infected."

Sergey Sidorin, head of the third line of analysts at the Center for Monitoring and Countering Cyberattacks IZ:SOC "Informzashita"

To protect against such threats, companies are advised to implement a set of measures. This includes technical solutions such as next-generation firewalls, intrusion prevention systems, and anti-DDoS solutions. Filtering traffic and limiting suspicious connections are also important. A key element of protection is round-the-clock monitoring, which allows for timely detection of anomalies, such as sudden traffic surges or non-standard protocols, and prompt response to them.