top of page

Cloudzy Enables 17 State-Backed Hacking Groups

Updated: Jan 8

A new report reveals how Cloudzy leased servers to at least 17 state-backed hacking groups, enabling cyber espionage and extortion campaigns around the world.

Credits: Reuters

An obscure cloud services provider called Cloudzy has been enabling state-sponsored hacking groups from China, Russia, Iran, North Korea, India, Pakistan and Vietnam to spy on and extort victims, according to a new report from Texas-based cybersecurity firm Halcyon. The findings highlight how small, fringe companies quietly provide vital infrastructure to major hacking operations.

Researchers at Halcyon made the discovery by mapping out Cloudzy's digital footprint and even renting servers directly from them. They estimate about half of Cloudzy's business came from leasing services to hackers, including two ransomware groups. However, Cloudzy CEO Hannan Nozari disputes these claims, saying his company cannot control how clients use its services.

In a LinkedIn exchange with Reuters, Nozari compared the situation to a knife factory not being responsible for how knives are used. But digital defenders say the case shows how small firms like Cloudzy are vital for enabling major cyberattacks. While CrowdStrike hasn't seen state hackers using Cloudzy, they have observed other cybercriminal activity linked to them.

Halcyon believes Cloudzy is likely a front for an Iran-based hosting company called abrNOC, run by Nozari. Although Nozari claims the firms are separate, he admitted abrNOC employees assist Cloudzy. The geographic base of Cloudzy's operations remains unclear.

Cloudzy is registered under its previous name RouterHosting in Cyprus and Wyoming. It relies on no-questions-asked cryptocurrency payments and anonymity to sell hosting services favoured by hackers. This business model is common among small virtual private server providers operating on the fringes of cyberspace.

The report exposes how obscure, fringe companies like Cloudzy quietly enable state-sponsored hacking by providing key infrastructure like servers and hosting. While individuals may not be aware of such firms, they play a vital role in supporting major cyber espionage and extortion campaigns around the world.

  • Obscure cloud services provider Cloudzy has been leasing servers to at least 17 state-sponsored hacking groups, enabling cyber espionage and extortion campaigns globally.

  • Researchers at cybersecurity firm Halcyon discovered Cloudzy's activities by mapping their digital footprint and estimate about half their business supports hacking operations.

  • Cloudzy relies on anonymity, cryptocurrency payments and operating on the fringes of cyberspace to sell services favored by state hackers and cybercriminals.


As technology advances and has a greater impact on our lives than ever before, being informed is the only way to keep up.  Through our product reviews and news articles, we want to be able to aid our readers in doing so. All of our reviews are carefully written, offer unique insights and critiques, and provide trustworthy recommendations. Our news stories are sourced from trustworthy sources, fact-checked by our team, and presented with the help of AI to make them easier to comprehend for our readers. If you notice any errors in our product reviews or news stories, please email us at  Your input will be important in ensuring that our articles are accurate for all of our readers.

bottom of page