More sophisticated, well-funded cybercrime groups do dedicate some resources towards research and development activities. This could include developing new exploits, evasion techniques, malware variants and updating toolkits based on emerging threats and weaknesses that get detected.