Manually compromising servers and installing a tool that causes all those servers to rendezvous with or receive commands from a central control point to execute instructions would make them a botnet.
The key question would be: do the compromised servers also run a program that periodically polls a control station for commands, or does the script kiddie manually command individual compromised servers?
I actually encountered this a few years ago, a Red Hat box had been carelessly placed on the internet with a poor dba username password combo. The attacker had not gained root access. But he did manage to install zombie software on the computer in /var/tmp, which consisted of a small web-server serving malicious code and a custom ssl-irc client configured to connect to the botnet owners irc server.
Curious, I took a copy of the software he had installed before I wiped the server. I then proceeded to connect to his irc server using the credentials found in the zombie software. I ended up in an irc channel with the actual owner of the botnet sitting there. Because I kept my servers original irc-name he started prodding me with dcc-commands to find out the status of his returning zombie. After a while I responded and told him he had been discovered, we had a brief chat before he banned me from the irc-server. Seemed like a script kiddie, he used "LOL" in every sentence and lots of numbers, the net seemed to be run manually with some 30 "clients" in it. I gave his client IP to his ISP in Romania together with the logs, doubt anything came out of it though.