Security & Infrastructure Tools
Europe sanctions Chinese and Iranian firms for cyberattacks
EU Council sanctions three Chinese and one Iranian companies, plus two individuals, for cyberattacks targeting EU devices and critical infrastructure, including hacking over 65,000 devices, compromising SMS services, hijacking billboards, and selling personal data of Charlie Hebdo subscribers; the sanctions impose asset freezes, travel bans, and restrictions on EU entities.
The European Union’s Council has taken decisive action against several Chinese and Iranian entities that have been implicated in large-scale cyber attacks targeting critical infrastructure across the EU. Three companies—Integrity Technology Group, Anxun Information Technology (also known as i‑Soon), and Emennet Pasargad—and two individuals, co‑founders of Anxun, were added to the sanctions list.
Integrity Technology Group supplied technical support between 2022 and 2023 that enabled attackers to compromise over 65,000 devices in six EU member states. The company was linked by the FBI to the “Raptor Train” botnet operated by the Chinese state‑sponsored threat actor Flax Typhoon. Earlier U.S. Treasury sanctions had already targeted this firm for its role in building a massive network of infected routers and IP cameras.
Anxun Information Technology offered hacking services that specifically aimed at critical infrastructure and functions within EU states and other countries. The company’s operations were exposed in a data leak that revealed its offensive toolkit and its affiliation with China. U.S. authorities have offered rewards for locating the company's executives, underscoring the seriousness of its threat.
Emennet Pasargad, an Iranian firm, has been associated with multiple influence campaigns and the compromise of an SMS service in Sweden. The company reportedly hijacked advertising billboards during the 2024 Paris Olympics to spread misinformation. According to Microsoft, a hacker known as “Holy Souls” sold personal data from 230,000 subscribers of the French magazine Charlie Hebdo, demanding 20 bitcoins—about $340,000 at the time.
The EU sanctions impose an asset freeze on these entities and individuals, preventing EU citizens and companies from providing funds or economic resources. Natural persons are also subject to a travel ban that prohibits entry or transit through EU territories. This move follows a long‑standing EU policy of targeting cyber threats, which now encompasses 19 individuals and seven entities responsible for malicious activity.
These sanctions represent a coordinated effort between the European Union, U.S. authorities, and other international partners to curb the growing threat posed by state‑sponsored hacking operations across borders.