Multiple threat actors, including cybercrime groups and nation-state crews, leverage services offered by an obscure Iranian company called Cloudzy https://cloudzy.com. Although Cloudzy is incorporated in the United States, it almost certainly operates out of Tehran, Iran, in possible violation of US sanctions under the direction of someone named Hassan Nozari. The company acts as a command-and-control provider (C2P), which provides attackers with Remote Desktop Protocol (RDP) virtual private s
