[remus]

Say you're running an account take over script that spams login forms with a list of known username and password combos. If a website owner sees thousands of login attempts coming from a single IP address they're likely to block you to prevent abuse on their website. This is annoying for you as you then need to rotate your IP address.

Using tor hides your IP address from the website and makes switching exit nodes very straightforward, so you can run your account take over script in peace.

[viraptor]

That's not that easy in practice. There's less than 2k exits normally, not all of them usable. Your abuse script competed with other malicious traffic for those exits and their reputation gets burned pretty much immediately.

So yes, you can switch exits easily, but effectively your switching from one known bad IP to another bad IP.