Iranian Company Cloudzy Accused of Aiding Cybercriminals and Nation-State Hackers
Services offered by an obscure Iranian company known as Cloudzy are being leveraged by multiple threat actors, including cybercrime groups and nation-state crews.
The Texas-based cybersecurity firm said the company acts as a command-and-control provider (C2P), supplying attackers with Remote Desktop Protocol virtual private servers and other anonymized services that ransomware affiliates and others use to pull off their cybercriminal endeavors.
The emergence of C2P providers points to a new set of actors who "knowingly or unwittingly" provide the infrastructure to carry out the attacks.
Some of the key actors that are assessed to be leveraging Cloudzy include state-sponsored entities from China, India, Iran, North Korea, Pakistan, Russia, and Vietnam as well as cybercrime entities.
"If your VPS server is suspended because of misuse or abusive usage such as prohibited uses: Phishing, Spamming, Child Porn, Attacking other people, etc.," reads support documentation on Cloudzy's website.
"While these C2P entities are ostensibly legitimate businesses that may or may not know that their platforms are being abused for attack campaigns, they nonetheless provide a key pillar of the larger attack apparatus leveraged by some of the most advanced threat actors," the company said.
News URL
https://thehackernews.com/2023/08/iranian-company-cloudzy-accused-of.html