Cloudzy involved in cyber attacks

Accusation: Iranian company Cloudzy involved in Cyber Attacks

A little-known Iranian company called Cloudzy offers services used by various threat actors, including cybercrime groups and nation-state crews.

Although Cloudzy is registered in the United States, it likely operates from Tehran, Iran, possibly violating U.S. sanctions, and is allegedly directed by someone named Hassan Nozari, as reported by Halcyon. 

How does the company facilitate attacks?

The company:

  • acts as a command-and-control provider (C2P),
  • provides attackers with Remote Desktop Protocol (RDP) virtual private servers,
  • and offers anonymized services used for cybercriminal activities.

C2P providers' operations

Halcyon states that C2P providers benefit from a liability loophole that doesn’t require them to ensure their infrastructure isn’t used for illegal operations. 

The ransomware-as-a-service (RaaS) business model involves 

  • core developers, 
  • affiliates who carry out attacks for a share, 
  • and initial access brokers who exploit vulnerabilities or stolen credentials to sell access to affiliates.

Source: Trend Micro

“The emergence of C2P providers points to a new group of actors who knowingly or unknowingly facilitate cyberattacks.”

Some notable actors believed to be utilizing Cloudzy’s services include state-sponsored entities from various countries, cybercrime groups, ransomware affiliates, and even the controversial Israeli spyware vendor Candiru.

Why is Cloudzy an easy target?

Malicious actors might be taking advantage of Cloudzy’s easy purchase process with just an email address and anonymous cryptocurrency payment, leading to potential abuse. Cloudzy’s website mentions penalties for misuse of their VPS services. 

“While these C2P entities might be legitimate businesses, they inadvertently become a crucial part of the attack apparatus for advanced threat actors,” according to Halcyon’s findings.

Retroactively…

Halcyon urges technical readers to go through the process and identify areas of compromise. It also advises being proactive when assessing security posture for maximum mitigation.

Author: PureVPN

Date: August 3, 2023
