Overview of malware authors
There is a huge amount of malware created and found every day, easily ranging from 1k to 3k every day just on a public resource such as malshare.
So there is a big question: Who and why is creating so much malware?
Types
I believe there’s 2 main bands of malware authors: the kids, and the professionals.
Kids
Kids can be taken both figuratively and literally. New “hackers” are often called Script Kiddies, referring to their main ability being to copy and paste public code and trying to use it, often failing badly. They are often young, from around 14-18, sucked into the idea of hacking from online communities. They will join a community and try to build a reputation for themselves. This obsession over reputation creates a lot of credits in malware, often including their tags, as well as racist comments. The obsession is furthered by these online communities being often their only source of social stimulation, causing them to invest many hours daily into trying to reach a point like somebody popular in the community. Money is something this group desires, but often $100 is all they will ever achieve until they wake up. They’re usually viewed as good with computers, but in reality have very few foundations, resulting in extremely bad code.
Professionals
This band is the big guns, the ones doing what’s going on the news and hurting your grandma. Here age doesn’t matter, some are teens, some are in their 50s. Much more original and interesting malware comes out of this group, and as such they might have much greater success. Ransomware is becoming a huge problem, with billions being lost to it. This isn’t helped by how governments are effectively bowing down to them, where instead of doing a good job of securing everything, they just pay another company the ransom cost and a fee to pay it for them. This band is full of criminals, and merges with other activities of typical crime gangs.
Examples
Kids
You can find this group on pretty much any public “hacking” forum or group.
Professionals
Mirai may be known now for being very copied, but before it was publicly released, it was really effective. Krebs on Security has a great post on this.