<p> Much has been made of the growth of online black markets in Russia and Eastern Europe that facilitate the sale and distribution of tools and information designed to subvert and compromise computer networks and users. Specifically, web forums allow individuals to purchase access to sophisticated malicious software to victimize vulnerable systems and individuals, and sell the data they illegally obtain for a profit. While it is clear that malicious actors can acquire myriad resources to facilitate criminal activity, it is not clear what the return on investments is like relative to the costs of buying goods and services through these markets. This qualitative study examines this issue through an economic analysis of a sample of threads from ten active publicly accessible web forums that traffic in malware and personal information. Specifically, this talk will consider the costs of trojans, botnets, iframes tools, spam, DDoS services, and credit card information for victims and offenders to estimate dollar losses for victims relative to the economic gains for offenders who utilize and provide these resources. The findings will give significant insight into the role of malware and carding forums in the problem of cybercrime and the prospective economy revolving around computer intrusions and compromises. In turn, this talk can benefit computer security professionals, law enforcement, and anyone interested in better understanding cybercrime from the offender perspective. </p>