[baybal2]

This has to do with affiliate schemes. Payouts for them are quite solid.

Clickfraud people, I think, count on the the fact that for huge e-retailers, it takes months to take action, and they can cashout affiliate payouts faster then they react.

[jsoverson]

It's far more than affiliate schemes. Credential stuffing attacks result in account takeovers for many different types of companies and the value that can be extracted is different for each business.