It isn't a "new" botnet, but just continued use of a rotating array of available addresses. Some are enterprise and will be upfront (as you've observed), some less so.
Different devices also enable this, as mentioned in the comments. Smarthome / IoT devices, cable-brand router/APs, etc. There are also services for rotating residential proxies, that are essentially breaking the ToS of the companies in charge of them, but they trade/buy new IPs constantly.
The larger scale a site is indexed at, the more you'll see this traffic pick up. CloudFlare has rules that can help with it, and you can get stricter with them if you know your audience / customer base via whitelists; geo (can be circumvented ofc, but quiets the noise), user-agent, http version, etc. For the more broad ones, just immediately prompt a challenge if you don't want to outright drop/block them.
It's been this way for a while, LLMs have made it worse, but there was already a ton of garbage requests / scanning going on.
It isn't a "new" botnet, but just continued use of a rotating array of available addresses. Some are enterprise and will be upfront (as you've observed), some less so.
Different devices also enable this, as mentioned in the comments. Smarthome / IoT devices, cable-brand router/APs, etc. There are also services for rotating residential proxies, that are essentially breaking the ToS of the companies in charge of them, but they trade/buy new IPs constantly.
The larger scale a site is indexed at, the more you'll see this traffic pick up. CloudFlare has rules that can help with it, and you can get stricter with them if you know your audience / customer base via whitelists; geo (can be circumvented ofc, but quiets the noise), user-agent, http version, etc. For the more broad ones, just immediately prompt a challenge if you don't want to outright drop/block them.
It's been this way for a while, LLMs have made it worse, but there was already a ton of garbage requests / scanning going on.
They're usually residential proxies, enabled by "SDKs" shipped as a means of monetizing mobile apps. Basically a legalized(ish) botnet.
If you have AI-generated content, expect an AI-generated audience.
Garbage In, Garbage Out