Grum, which was sending 18 billion spam messages daily, was the latest major botnet to be . Spamhaus collaborated with security vendors FireEye and the Russian company Group-IB.

Grum's command-and-control servers in Panama and the Netherlands were taken offline. Grum operators quickly set up command-and-control servers in the Ukraine, suing one of the remaining servers in Russia to redirect the infection bots.

The hosting company for the Russian server did not respond to takedown requests, so its ISP dealt the final blow by halting traffic intended for the server.