Researcher: Two big botnets gone, but replacements step up

16.01.2009

With the demise of some botnets, and the surge of others, it would be easy to see the task as Sisyphean. Stewart acknowledged that it can be disheartening at times. "We are still a long way off from a real, long-lasting impact on the individuals responsible for unleashing so much malware and spam," he said.

Part of the problem is that all the criminals need is one widespread vulnerability that they can exploit to grow their botnets dramatically.

Stewart cited two "zero-day" bugs that had to patch in Windows last October and with emergency updates as examples. In fact, the Windows vulnerability has been aggressively exploited by attackers using the "Downadup" worm, which has in the last two weeks, although there's no evidence thus far that the worm is building a botnet.

"We have to keep hammering," said Stewart, adding that the only thing researchers can do is maintain the pressure. "[Botnet makers] might not have another good exploit the next time, and maybe we will knock them back."