In the current way things stand in this world, producing. selling, and distributing malware is a very profitable business. In many countries, it is a way for smart young people to make a very nice living. Defrauding gullible people in countries far away from where you live doesn’t even seem like a crime, especially if they are stupid rich people who live in a country like America that you don’t much like anyway.
But young hackers are just one group involved in malware. Organized criminal gangs are actually the major participants now. In fact, the malware industry has now reached such a big stage that it has divided into sub-industries. At Zscaler Security Research, Michael Sutton makes this observation:
The malware economy continues to become increasingly specialized, with individuals and groups often focusing on a single portion of an overall attack, be it reverse engineering, exploit creation, botnet herding, etc. With the value of a 0day vulnerability in a popular program now well into the six figure range, we’re no longer simply talking about low brow criminals dabbling in this world. White-collar researchers are parting with vulnerability information, selling it to a middleman and not asking questions about where it may end up.