Global effort stops half the world's spam

19.07.2012

The Grum operation was carried out without any involvement by law enforcement, showing that security researchers working together can also be effective in fighting botnets, which besides sending spam are used in denial-of-service attacks against websites.

With security researchers globally watching them, cybercriminals now have to deal with far more adversaries than in the past. "That will have a huge impact on the mindset of bot herders, and that may be the reason Lethic is going underground," Mushtaq said. Bot herder is the name given to people who control hijacked computers, or bots, in an illicit network.

Grum's death leaves tens of thousands of inactive, malware-infected computers. But without the original master computer and the IP addresses of the infected systems, the botnet is unlikely to be resurrected. "There's no way to hijack this botnet," Mushtaq said. "[The computers] are lost to us and to bot herders."

The Grum-killing operation started about two weeks ago when authorities in the Netherlands pulled the plug on two servers. This led to other servers in Panama being .

In a cat-and-mouse game with spam fighters, the Grum operators launched more servers in Russia and the Ukraine. A service provider in Russia took the last of those computers off the Internet on Wednesday.