My biggest issue with IP brokers is how they'll avoid taking any responsibility for their customers action. A fair amount of bullet proof hosters (and we're talking malware distribution, botnet c2s, ransomware c2s, proxy/scanning) get their space from brokers. When you engage with the brokers they say go talk to the transit providers - and because the bullet proof guys can switch off to another transit provider easily they maintain connectivity/continue to operate. Super common in Europe where most of this goes on and they have a super plentiful transit market - but they are still rolling with the same set of IPs they get from these brokers (and one in particular).