This is an established effort of all law enforcement agencies to stamp out botnets (which are networks of compromised computers in control of cyber criminals which they use for DDoS, spam and stealing private and financial information). However, NSA has been hijacking these botnets for its own spying purposes.
According to slide leaked by Edward Snowden, NSA had “co-opted” more than 140,000 computers starting August 2007 and injected its own spying software in them.
According to the contents of the leaked slide available at The Intercept, NSA used the technique called QUANTUMBOT, which “finds computers belonging to botnets, and hijacks the command and control channel.” NSA termed the program has a high rated success.
NSA has not denied or confirmed the existence of such program. It is also not clear if the compromised computers belonging to these botnets were in the US or abroad.
Most botnets disable the firewalls and security software of the computers they compromise which leaves them open to further exploitation.