Malware and viruses have changed a lot since the early days of the internet. When the modern computer age was still in its infancy, many viruses were written as jokes, or simply to show off technical prowess. Viruses would mess with desktop, give you a message, and replicate themselves. This isn’t to say that there wasn’t very destructive malware: there was. But the massive security improvements that we have made mean that it is now much more difficult to create effective malware. But while the difficulty of creating effective malware has increased, so have the stakes. Billions if not trillions of dollars depend on the internet, and intercepting information and crippling systems can have massive financial repercussions.
This means that much of modern malware is quite sophisticated. Where a single programmer might have made a virus able to spread the globe two decades ago, we are seeing more and more malware which is clearly the work of experienced and competent teams of programmers. There are whole industries built up around the buying and selling of exploits before the public or developers learn about them. Known as day 0 exploits, these are flaws in systems which have not been published. Finding and exploiting these vulnerabilities in popular systems can be a ludicrously profitable enterprise. More and more frequently we are seeing malware written by foreign corporations, government entities, and other sophisticated entities which have the resources to invest in purchasing exploits and hiring skilled programmers.
Governments often make malware as a tool for espionage or sabotage. Installing spyware which gives them information from computers across the world gives their security agencies the tools to assess threats and find hostile actors. Additionally, military and political agenda can change based on knowledge gleaned from foreign or domestic servers. Therefore, some of the most advanced pieces of malware ever found are suspected to be created by governments, largely for surveillance.
Other malware is created for use in criminal enterprises. This malware also wants to remain undetected, so it will not do things like create popups or crash your machine intentionally. This malware is usually something like a keylogger. It will quietly send all your keystrokes to another location, where they can be scraped for data such as credit card numbers. Once this data has been collected, it will often be sold on the black market to scammers who then attempt to use the information.