The number of people using mobile devices is increasing as mobile devices offer different features and services. Many mobile users install various applications on their mobile devices to use features like payment, business services, social networks, health, entertainment, and education. Besides, all these services require access to the internet. Therefore, mobile devices are becoming prime targets for cybercriminals due to their functionalities. A mobile botnet is a set of mobile devices infected with a malicious program. A mobile botnet is controlled by an attacker called Botmaster to perform illegal operations such as eavesdropping, sending malicious codes using SMS, DDoS attacks, or stealing important information. There are different techniques proposed to detect mobile botnets with various accuracies. This paper presents a detailed background about mobile botnets, including their lifecycle, architecture, and C&C channel. Besides, it briefly overviews mobile botnets' evolution and compares PC and mobile botnets using different criteria. Next, it studies, classifies, and discusses the existing intrusion detection system-based techniques available for detecting mobile botnets. It focuses on the 42 most related papers submitted between 2010 and 2021, highlighting their drawbacks. To conclude, it discusses open issues and proposes ideas to improve the current methods.