Unofficial versions or "cracks" can sometimes be bundled with the very malware you are trying to prevent.
The communication is encrypted, often using AES-256 with a unique key generated per victim. This prevents security teams from intercepting and reading the commands even if they spot the traffic. eset t2bot
ESET frequently deactivates keys found on public lists, leading to "Product not activated" errors. Unofficial versions or "cracks" can sometimes be bundled