How do cybercriminals trust each other when they don’t know whom they are dealing with? On the face of it, they can’t turn up at another criminal’s house and beat them up. They certainly can’t report being ripped off to the police. As a result of such challenges to cooperation, it might be expected that cybercriminals would operate alone or in small groups. Yet, in recent years, collaboration among cybercriminals has grown significantly. This presentation addresses the puzzle of how cybercriminals have overcome this trust problem and built an illicit shadow industry on a grand scale. Drawing on a seven-year study into the organisation of cybercrime, this analysis is based on almost 250 interviews with law enforcement, the private sector and former cybercriminals. These were carried out in some 20 countries, including fieldwork in purported cybercrime "hotspots" like Russia, Ukraine, Romania, Nigeria, Brazil, and China.