This document discusses the rise of malware as a service and the business models that cybercriminals use. It notes that cybercriminals are mirroring legitimate business models by offering malware creation, distribution, leadership, and resilience services. Customers can get custom or off-the-shelf malware, distribution networks, command and control resilience, and 24/7 support. This document warns that these criminal models pose serious threats and are difficult for defenders to detect and disrupt in a timely manner.