You didn't have to roam hacking sites to find tools, you could make a purchase online and be up and running in no time. The product came with instructions and support.

The FTC reports:

According to papers filed with the court, the defendants provided RemoteSpy clients with detailed instructions explaining how to disguise the spyware as an innocuous file, such as a photo, attached to an email. When consumer victims clicked on the disguised file, the keylogger spyware silently installed in the background without the victims' knowledge. This spyware recorded every keystroke typed on the victim's computer (including passwords); captured images of the computer screen; and recorded Web sites visited. To access the information gathered and organized by the spyware, RemoteSpy clients would log into a Web site maintained by the defendants.

I can imagine this would be appealing to a suspicious spouse or employer investigating leaks but this could easily backfire. If it landed on someone's computer at work, the company's anti-malware or content filtering may have detected its activity and before long the victim would know what was going on. And if the company couldn't detect it, that would raise questions about compliance and data loss prevention.