So do they have a court-issued warrant for every machine they've infected or have they simply got a "You can't touch this" card which means they're immune from prosecution, given that this is exactly the kind of thing they are supposed to exist to stamp out? And given that the US is so quick to insist on extradition for anyone it deems is doing this to computers in their own country, shouldn't the UK etc (which has extradition treaties in place) insist that the people running this program be extradited to stand trial in affected countries?
(I know they won't but seriously, a 50,000 strong botnet is well past "passive observance of tagets", it's only real use is for cyber-esionage and cyber-terrorism (DDOS attacks etc))