So, ransomware is very different from Open Source software until it is released as Open Source software. And then it is just like Open Source software.
Here's the story of how we got started on this Ransomware kick: We (Swell Technology) paid for a Webmin module to do some basic virtual hosting stuff for a client. Jamie Cameron wrote it, and did a great job. In hiring Jamie to write the software, we got to pick the license. We chose for it to be released as Open Source software eventually--but I know from past discussions on the Webmin mailing list that folks really want this kind of module, but no one so far has really implemented one that worked well (or was Open Source) or stepped up to make it happen either via funding or programming it.
So, we raised the ransom, the module went Open Source. The money went to Jamie in its entirety (i.e. we didn't attempt to recoup our original investment), and the community got an excellent virtual hosting management tool. Now we're doing the same thing for Squid Gzip, as the situation is very similar--lots of people want it, but no one has ~$6000 to make it happen.
Nothing complicated. No "business plans". Just a way to make cool features happen in Open Source software that ordinarily wouldn't because no single entity had the need or the funds to make it happen.