AI Botnets Fuel Financial DDoS Surge: 2.41 Billion Attacks

Artificial intelligence-powered bots and hacktivists bombarded financial services with denial-of-service attacks at record volume and duration. These attacks lasted 738% longer, and the number reached 2.41 billion. This is far more than in any other industry. What's interesting is that attackers also targeted APIs and the domain name system. Almost every financial service firm reported an API incident in the past year. Akamai's Advisory CISO, Steve Winterfeld, points to new botnets like TurboMirai and Aisuru as key drivers. These are capable of multi-terabit-per-second DDoS attacks. Advanced bot activities surged by almost 150% in late 2025. Threat actors used AI to mimic legitimate browser behaviors and hide attack traffic more effectively. Within financial services, banking was hit hardest, accounting for 60% of total web attacks and over 80% of API-related incidents. These attacks disrupt account payments and third-party access to financial data. Malicious traffic in Europe and the Middle East often came from Iran and Russia. There has also been a 245% spike in attacks on businesses in North America, Europe, and parts of Asia-Pacific. The bottom line is that AI is increasing the speed and complexity of cyberattacks, posing a significant threat to financial stability.