There are a couple of ways that wrongdoers can acquire zero-day malware:
1. https://islamhood.org/?p=692 They can buy it on the black market.
2. They can develop it themselves.
3. They can take it from a legitimate company or person.
4. They can discover it in the wild.
https://freecex.com/?p=907 The most common manner in which criminals get zero-day malware is by purchasing it on the black market. There are a number of black markets that offer zero-day malware, and the prices can vary depending on the need and the elegance of the malware.
Lawbreakers can also produce zero-day malware themselves, although this is less common. In order to do this, they would need to have a great understanding of computer security and exploits.
Another manner in which criminals can get zero-day malware is by taking it from a genuine company or person. This can be done by hacking into a business's network and taking the malware, or by social engineering a business or person into providing them the malware.
Lastly, criminals can find zero-day malware in the wild. This generally occurs when a security researcher finds a new vulnerability and composes an exploit for it. The researcher may then offer the exploit to a criminal group, or the make use of might be leaked online.