Researchers at Netscout Arbor have discovered a malware downloader advertised on underground forums as a paid open beta product. Called Kardon Loader, it allows customers to build a malware distribution network or a botshop. Experts believe the malware is a rebrand of the ZeroCool botnet that was built by the same actor. The actor created its own logo and provides a disclaimer claiming that the software should not be used for malicious purposes. The malicious code uses a HTTP-based C&C infrastructure with URL parameters that are base64 encoded.”]
Source: https://securityaffairs.co/wordpress/73751/malware/kardon-loader-distribution-network.html