Security researchers investigating multiple malware distribution campaigns found that an underground traffic distribution service called Prometheus is responsible for delivering threats that often lead to ransomware attacks. Among the malware families that Prometheus TDS has dished out so far are Bazar Loader, IcedID, QBot, SocGholish, Hancitor, and Buer Loader. Researchers say that users can be redirected to a website infected with PrometheusBackdoor through an email campaign delivering an HTML file with a redirect, or a link to a web shell leading to a compromised site.
Source: https://www.bleepingcomputer.com/news/security/prometheus-tds-the-250-service-behind-recent-malware-attacks/