The rise of easily accessible AI technologies has dramatically lowered the bar for cybercriminals, enabling them to create and deploy malicious bots faster and at greater scale than ever before. Generative AI (GenAI) has made it simpler to build and refine bots, accelerating the evolution of automated threats. With AI’s help, these bots are becoming more sophisticated, more numerous, and far better at concealing their activities to evade detection.
Attackers are now using AI not just to launch attacks, but also to analyze failed attempts—learning and adapting in real time. This constant refinement makes AI-powered bots increasingly elusive and dangerous, posing a growing threat to organizations across every sector.
Automated traffic now outpaces human users
As automated activity surges, security teams face an urgent need to rethink their defenses. They are no longer fighting only human adversaries—bots are now a dominant force online.
According to the 2025 Imperva Bad Bot Report from Thales, titled “The Rapid Rise of Bots and The Unseen Risk for Business,” automated traffic surpassed human activity for the first time in a decade, accounting for 51% of all internet traffic in 2024. The explosive adoption of AI and large language models (LLMs) has been the primary driver behind this shift.
This growing wave of AI-driven automation has serious implications. As bots make up more than half of online activity, businesses are facing mounting risks from malicious automation that continues to escalate in both scale and complexity.
The Thales report also found that bad bot traffic increased for the sixth consecutive year, representing 37% of total web traffic, up sharply from just over 30% in 2023.
The growing sophistication of bot attacks
In 2024, “advanced and moderate” bots made up 55% of all attacks, using tactics that closely mimic human behavior and bypass traditional defenses. Detecting and stopping them has become significantly harder as they blend into legitimate traffic.
At the same time, simple, high-volume attacks surged—rising from 40% in 2023 to 45% of all bot activity last year. This trend is largely fueled by the widespread availability of AI automation tools, which allow even less-skilled attackers to execute bot-driven campaigns with minimal effort.
The Thales report also noted that 31% of all attacks it detected and blocked were automated threats of the kind catalogued in the OWASP 21 Automated Threats classification: attacks that target web applications at scale, exploit vulnerabilities, and evade security measures across industries.
APIs: The new front line against bad bots
APIs are now the backbone of modern digital ecosystems, powering innovation, automation, and seamless integrations across services. But that same ubiquity has made them a favorite target for attackers.
Thales’ data shows that 44% of advanced bot traffic was aimed at APIs in 2024. Malicious actors exploit API endpoints to steal data, commit fraud, or bypass controls.
“APIs are vital to business agility and innovation, but their inherent logic creates unique weaknesses that attackers are quick to exploit,” said Chang. “As companies expand their use of cloud and microservices architectures, it’s critical to understand that these same strengths can introduce new risks.”
Residential proxies: Disguising malicious traffic
Cybercriminals increasingly rely on residential proxies to disguise bot traffic as legitimate human activity. By routing attacks through household IP addresses, they make it far more difficult for security systems to tell friend from foe.
Thales found that 21% of all bot attacks leveraged residential proxies from ISPs, allowing threat actors to blend seamlessly with authentic users and evade detection tools.
AI-driven account takeover on the rise
Account Takeover (ATO) attacks have climbed sharply, up 40% year over year and 54% over the past three years. This surge is linked to the growing use of AI and machine learning to automate credential stuffing and phishing—making attacks faster, smarter, and harder to detect.
The financial services sector bore the brunt of these ATO attempts, accounting for 22% of all incidents, followed by Telecoms and ISPs (18%) and Computing/IT (17%).
The double-edged sword of generative AI
Generative AI platforms such as ChatGPT, ByteSpider Bot, ClaudeBot, Google Gemini, Perplexity AI, Cohere AI, and Apple Bot have transformed how people learn, work, and create. But they have also introduced a new wave of cyber risk.
While these tools enhance productivity, threat actors are exploiting them as powerful new attack vectors. Notably, ByteSpider Bot accounted for a staggering 54% of GenAI-enabled attacks, highlighting how AI’s democratization is reshaping both innovation and cybercrime.

