AI Agents and DNS Abuse: The 2026 Conversation the Industry Needs to Have

By 2030, autonomous AI agents could outnumber human domain registrants 3-to-1. The domain industry is building for legitimate use cases, but the real challenge is abuse at machine speed and a new international legal framework that treats DNS operators as evidence holders for the gravest international crimes.

---

Over the holidays, I read Joanna Kulesza’s blog post on CircleID about the ICC’s new Policy on Cyber-Enabled Crimes. It got me thinking about DNS abuse in a way that goes well beyond the usual ICANN regulatory framework we all live with day-to-day.

Then this morning, I listened to Andrew Allemann’s Domain Name Wire podcast interview with James Bladel from GoDaddy, and suddenly several pieces clicked together for me. Bladel was discussing GoDaddy’s Agent Name Service (ANS) proposal, and I realized: this isn’t a future scenario anymore. The industry is already actively building for it.

Kulesza’s analysis made me realize that by the end of 2026, the domain industry may find itself dealing with a very different kind of challenge, one that connects autonomous AI agents, DNS abuse at machine speed, and international criminal accountability in ways almost no one is talking about.

When your biggest customer isn’t human

Most of the current predictions for 2026 I read about or listened to over the holidays focused on familiar themes: strong demand for premium .com domains, the next new gTLD round (applications opening April 30th, by the way!), post-AFD monetization challenges, and rising pressure around trust, security, and regulation. All valid, all important.

But here’s what I suggest could be the real disruptor:

What happens when autonomous AI agents, not people, become the primary operators and, inevitably, abusers of domain infrastructure?

I’m not talking about increased domain registrations in the .AI TLD (though that’s been impressive). I’m talking about software agents that can autonomously compromise domains, spin up subdomain-based abuse infrastructure, configure hosting and DNS, run campaigns and cold outreach at an industrial scale, and tear it all down just as fast.

Industry analysts project there could be billions of autonomous AI agents operating on the internet by 2030, a projection GoDaddy is taking seriously enough to build infrastructure for. To put that in perspective, there are roughly 350 million active domain names today. We’re potentially looking at a world where autonomous agents are the dominant users of domain infrastructure, whether as legitimate customers or as sophisticated abusers.

At that point, the traditional mental model (“a founder registers a domain and builds a site”) stops being the default. And critically, the traditional abuse model (“bad actors manually register throwaway domains”) also becomes obsolete.

The industry is already responding (to the legitimate use case)

GoDaddy’s Agent Name Service proposal is essentially an attempt to leverage the proven infrastructure of DNS and SSL certificates to solve the identity, discoverability, and trust problems that autonomous agents will create. Each ANS-verified agent would have its own fully qualified domain name and SSL certificate, the same trust mechanisms we already use for e-commerce sites.

This makes sense for legitimate use cases: corporate AI assistants, business process agents, customer service bots, and other autonomous systems that need verified identity and discoverability. For these legitimate agents, we likely will see significant growth in domain registrations, because each agent genuinely needs its own FQDN and certificate for authentication purposes.

But here’s where it gets more complicated: the abuse side won’t look like explosive domain registrations. It will look like what we already see, only faster and more sophisticated.

Bad actors won’t pay to register thousands of domains when they can:

• Register one domain and spin up unlimited subdomains at zero marginal cost
• Compromise existing legitimate domains and weaponize their subdomain infrastructure
• Exploit URL shorteners, free hosting services, and other existing platforms
• Use automation to identify and exploit vulnerabilities at machine speed

The real shift is that autonomous agents make it trivially easy to operate abuse infrastructure at a scale and speed that human-driven detection and mitigation simply can’t match.

The actual threat model

Here’s what I predict could keep folks in the industry up at night. Autonomous agents will:

• Compromise and weaponize existing domains at an industrial scale through automated credential stuffing, vulnerability scanning, and supply chain attacks. They’ll turn legitimate infrastructure into abuse platforms faster than registrars and hosting providers can detect patterns.
• Abuse subdomain structures on both compromised and intentionally malicious domains. The economics favor subdomains over new registrations, and agents make this even more efficient.
• Operate mixed legitimate/malicious portfolios where some domains or agents from an account are legitimate, and others are abusive, making account-level detection far more critical (this is exactly why ICANN is preparing to launch a major policy initiative on this in 2026).
• Generate, adapt, and evolve abuse campaigns faster than human analysts can respond. Think phishing campaigns that automatically adjust based on detection, malware that rotates infrastructure on the fly, and fraud operations that learn from takedown patterns.
• Blur the line between “legitimate automation” and “abuse” in ways that will be legally and technically challenging. (For instance, is an agent that sends 10,000 cold emails per hour a legitimate sales tool or spam? The answer may depend on consent, content, and jurisdiction, and agents won’t care about any of those nuances unless explicitly programmed to.)

The stress test on abuse systems will not necessarily be due to registration volume. It will likely be from the speed, scale, and sophistication of abuse operations that autonomous agents enable, most of which will exploit existing domain infrastructure rather than creating expensive new registrations.

The accountability layer no one’s talking about

This is where Kulesza’s analysis really hit home for me. The ICC’s new policy explicitly treats Internet infrastructure (including DNS) as part of the operational environment for the gravest international crimes, not just routine cybercrime or fraud.

From what I read, and I’m no legal scholar, it seems when cyber means are used to identify victims for physical violence, incite genocide, or disrupt civilian infrastructure in conflict zones, the technical evidence held by DNS operators, registrars, and security providers becomes directly relevant to international prosecutions under the Rome Statute.

That means three things:

1. Your logs and metadata can become international criminal evidence, not just compliance records for contractual disputes or ICANN audits.
2. Intentional destruction or obstruction of such evidence can itself be an international offence against the administration of justice, regardless of your motive or local legal advice.
3. The ICC openly anticipates relying on industry cooperation and technical expertise to build cases, which pulls infrastructure operators into legal scenarios that have nothing to do with traditional domain policy.

Now imagine that world colliding with autonomous-agent-driven abuse. When agents can compromise domains, generate abusive content, and rotate infrastructure at machine speed, and when some subset of that abuse crosses the line into facilitating international crimes, the evidentiary burden on DNS infrastructure operators becomes both technically complex and legally critical.

This isn’t some distant theoretical concern. It’s a structural shift in how DNS sits within global accountability frameworks. And it makes the move toward standardized, evidence-based abuse reporting not just operationally smart, but legally essential.

The good news: the building blocks already exist

Here’s what gives me confidence that the industry can get ahead of this challenge: the shift toward evidence-based, structured DNS abuse reporting is already happening.

Organizations like iQ Global are building platforms that transform messy, unstructured abuse complaints into clean, actionable evidence packages. Their KARA system uses AI to extract and validate evidence from natural-language reports, ensuring that what reaches abuse teams is complete, categorized, and ready to act on, not noise.

Combined with smart automation (rule-based prioritization, advanced filtering, custom data fields for forensic financial services and trusted third-party intelligence), these systems ensure that abuse decisions are fast, consistent, and traceable. That’s exactly the infrastructure the industry will need when autonomous agents can generate and adapt abuse faster than human analysts can keep pace.

Just as importantly, efforts like Reputable Domains are creating proactive verification layers to prevent false positives before they cause harm. In a world where agents can compromise legitimate domains and use their infrastructure for abuse, having verified “this is a known legitimate brand” data becomes critical for separating signal from noise.

Meanwhile, ICANN is preparing to tackle this challenge through policy work. In December 2025, the GNSO Council approved moving forward with a Policy Development Process on DNS abuse mitigation, with formal initiation expected in early 2026. According to the Final Issue Report published last month, the first phase will focus on “associated domain checks,” requiring registries and registrars to investigate entire accounts and portfolios when abuse is detected on a single domain, rather than treating each domain in isolation. The report also addresses more stringent security controls for API tools used in bulk registrations.

As Bladel noted in Andrew Allemann’s podcast, major players like GoDaddy already follow associated domain checks as a best practice, but codifying it into policy requirements will ensure industry-wide adoption. That kind of account-level, pattern-based abuse detection is exactly what you need when facing autonomous agents that might operate mixed legitimate/malicious portfolios or when a single compromised account could be weaponized across hundreds of domains and thousands of subdomains.

What this means for 2026

If the industry waits until autonomous-agent-driven abuse overwhelms existing detection and mitigation systems, it will already be behind. I suggest the smarter play is to recognize that:

• Autonomous AI agents will be both customers and threat actors at a scale that dwarfs human-driven activity. GoDaddy is building for the legitimate use case; we need equally sophisticated defenses for the abuse case.
• Speed and sophistication matter more than volume. The challenge isn’t a billion new malicious domain registrations. It’s agents that can compromise, weaponize, adapt, and rotate infrastructure faster than human-driven processes can respond.
• Evidentiary readiness matters beyond ICANN. The systems you build today to handle routine DNS abuse may tomorrow need to support investigations where the stakes include international crimes, not just domain suspensions or registry sanctions.
• Account-level and pattern-based detection become essential. When agents can operate at scale, investigating individual domains is insufficient. You need to understand entire account behaviors, relationships between domains, and patterns across portfolios.
• Prevention beats cleanup, but detection must be faster. Proactive verification helps protect legitimate brands, but structured reporting with reproducible evidence packages, intelligent automation, and audit trails becomes critical when abuse can be generated and evolved autonomously.
• Open standards matter. If the domain industry doesn’t rally around proposals like Agent Name Service for the legitimate use case, we risk ceding control to proprietary, walled-garden alternatives that fragment the internet and concentrate power in a few platforms. 

By the time 2026 wraps, the domain industry may be judged not only on how it enables legitimate autonomous agents, but on how it generates, preserves, and shares evidence about agent-mediated abuse when the stakes include international accountability.

The building blocks (evidence-based reporting standards, AI-assisted validation, automated workflows with audit trails, proactive verification, account-level pattern detection, and open protocols for agent identity) are already in place. The question is whether the industry moves fast enough to connect them before autonomous agents operate at billion-scale and the accountability expectations shift permanently.

That’s the conversation I suggest we should be having in 2026. And based on what I’m seeing from GoDaddy, iQ Global, ICANN’s recent policy developments, and others, at least some of us are finally having it.

DISCLOSURE: I am a paid consultant to iQ Global, whose DNS abuse mitigation tools are referenced in this post. iQ did not ask me to write this post, and I did not provide an advance copy for review. I do not accept advertising on this blog and have no consulting or employment relationship with GoDaddy or ICANN. The views and analysis expressed here are my own.