Cloud company aided 17 govt. hacking groups -US researchers
Obscure Cloud Service Company Enables State-Sponsored Hackers: Unveiling the Dark Underbelly of Cyberspace
In the dark corners of cyberspace, an obscure cloud service company named Cloudzy has been facilitating state-sponsored hackers for their nefarious activities, according to a report by Texas-based cybersecurity firm Halcyon. This revelation sheds light on the collaboration between 17 different hacking groups from China, Russia, Iran, North Korea, India, Pakistan, and Vietnam, who utilized Cloudzy’s internet services to spy on and extort their victims.
Cloudzy’s CEO, Hannan Nozari, vehemently disputes Halcyon’s assessment, asserting that his company cannot be held responsible for the actions of its clients. Drawing an analogy, Nozari likens Cloudzy’s role to that of a knife factory, stating, “If you are a knife factory, are you responsible if someone misuses the knife? Trust me, I hate those criminals, and we do everything we can to get rid of them.”
This case epitomizes how hackers and ransomware gangs exploit small firms operating at the fringes of cyberspace to enable major cyberattacks. Halcyon estimates that a significant portion of Cloudzy’s business, around 50%, is malicious, with the company even renting its services to two ransomware groups.
To arrive at this conclusion, Halcyon mapped out Cloudzy’s digital footprint by renting servers directly from the company and linking it to known hacking operations. While cybersecurity firm CrowdStrike, not involved in the research, has not observed state-sponsored hackers using Cloudzy, it has identified other cybercriminal activities associated with the company.
The geographical base of operations for Cloudzy remains undisclosed. Halcyon researchers delved into the social media accounts of Cloudzy employees, primarily LinkedIn and Facebook, uncovering strong indications that the company is likely a front for another internet hosting firm called abrNOC, run by Nozari from Tehran. Nozari, who maintains that he resides outside Iran without providing further details, acknowledges a degree of collaboration between abrNOC and Cloudzy while refraining from disclosing specifics.
Corporate records reviewed by ANBLE and confirmed by Nozari disclose that Cloudzy is registered under its previous name, RouterHosting, in Cyprus and the U.S. state of Wyoming. Nozari explains that the U.S. domicile was essential for registering internet protocol addresses in America. However, it remains uncertain whether Nozari’s registered agent, CloudPeak Law—a Wyoming-based law firm in Sheridan—was aware of the allegations against Cloudzy.
Cloudzy operates on a typical business model employed by several small virtual private server providers, offering internet hosting services in exchange for cryptocurrency, no questions asked. Adam Meyers, an executive with CrowdStrike, comments on the situation, stating, “There’s a whole ecosystem of ne’er-do-well kind of folks who are in this business.”
The exposure of Cloudzy’s collaboration with state-sponsored hackers highlights the pervasive nature of cybercrime and the challenges faced in combating it. These findings underscore the need for increased vigilance and regulation within the cybersecurity landscape.
Key Points:
- Cloudzy, an obscure cloud service company, has enabled 17 different state-sponsored hacking groups from China, Russia, Iran, North Korea, India, Pakistan, and Vietnam.
- CEO Hannan Nozari disputes the accusations, emphasizing that Cloudzy cannot be held responsible for its clients’ actions.
- The collaboration between Cloudzy and state-sponsored hackers reflects a broader trend of hackers exploiting small firms to facilitate major cyberattacks.
- Approximately 50% of Cloudzy’s business is estimated to be malicious, with two ransomware groups among their clientele.
- Halcyon’s investigation involved renting servers from Cloudzy and tying the company to known hacking operations.
- Cloudzy’s true location and operations are shrouded in mystery, with indications that it may be a front for the internet hosting company abrNOC.
- Cloudzy is registered under its previous name, RouterHosting, in Cyprus and Wyoming, but it is unclear if CloudPeak Law, the company’s registered agent, was aware of the allegations.
- The cloud service company’s business model, like others in the industry, operates on anonymity and accepts cryptocurrency payments.
- This case exposes the pervasive nature of cybercrime and the need for heightened vigilance and regulation in cybersecurity.
The uncovering of Cloudzy’s role in facilitating state-sponsored hackers serves as a stark reminder of the ongoing battle against cybercrime. As technology continues to advance, it is imperative that efforts to combat malicious activities keep pace. By exposing these hidden alliances and shedding light on the mechanisms of cybercriminals, researchers and cybersecurity firms play a vital role in securing the digital landscape for individuals, businesses, and governments alike.