Cybersecurity & Privacy

EU Sanctions Chinese and Iranian Firms for Cyberattacks

alex2404
By
alex2404
Byalex2404
Follow:
Disclosure: This website may contain affiliate links, which means I may earn a commission if you click on the link and make a purchase. I only recommend products or services that I personally use and believe will add value to my readers. Your support is appreciated!

The European Union’s cyber sanctions framework, active since 2019, has expanded to cover 19 individuals and seven entities. The latest additions target actors tied to state-linked hacking operations across two jurisdictions.

Contents

The Council of the European Union has sanctioned three companies — two Chinese and one Iranian — along with two individuals, for cyberattacks against EU member states’ devices and critical infrastructure, according to the announcement.

Integrity Technology Group, one of the two Chinese firms, provided “technical and material support” between 2022 and 2023 that resulted in the compromise of more than 65,000 devices across six EU member states. The FBI had previously linked the firm to the ‘Raptor Train’ botnet, attributed to the Chinese state-sponsored threat actor ‘Flax Typhoon,’ which built a network of 260,000 infected devices. The U.S. Treasury Department sanctioned the company in January 2025 on the same grounds.

The second Chinese firm, Anxun Information Technology — also known as i-Soon — advertised hacker-for-hire services and conducted cyberattacks against critical infrastructure in EU states and third countries, according to the Council. Its two co-founders are included in the sanctions list for their role in those operations. The U.S. Justice Department had sanctioned the company in March 2025, with U.S. authorities also offering rewards of up to $10 million for information leading to 10 of its executives and technical staff. In mid-February 2024, an internal data leak exposed i-Soon’s operations as a China-affiliated hacking contractor along with its offensive toolkit.

Iranian Firm’s Trail From Paris to Charlie Hebdo

The sanctioned Iranian entity, Emennet Pasargad, carries a distinct operational profile. The firm has been attributed multiple influence campaigns, including the hijacking of advertising billboards to spread misinformation during the 2024 Paris Olympics, and the compromise of an SMS service in Sweden. Operating under the moniker Holy Souls on a hacker forum, the actor offered in early January 2023 to sell personal data belonging to 230,000 subscribers of French magazine Charlie Hebdo, asking 20 bitcoins — worth approximately $340,000 at the time — and published a sample of stolen subscriber names and addresses, according to Microsoft.

The firm is also believed to have provided cybersecurity services for the Iranian government. In November 2021, the U.S. Department of Justice offered a $10 million reward for two Iranian nationals who worked as contractors for Emennet Pasargad.

More Read

CanisterWorm Hits 47 npm Packages in Trivy Supply Chain Attack
Perseus Android Malware Monitors Notes Apps for Financial Data
Oracle Emergency Patch Fixes Critical RCE Flaw CVE-2026-21992
PolyShell Flaw Enables Unauthenticated RCE on Magento Stores
INTERPOL Seizes 45,000 Malicious IPs in Global Cybercrime Sweep

What the Sanctions Require

All listed parties are subject to an asset freeze. EU citizens and companies are prohibited from making funds, financial assets, or economic resources available to them. The two individual co-founders of Anxun Information Technology additionally face a travel ban barring entry to or transit through EU territory, as stated by the European Council.

Photo by Brett Sayles on Pexels

This article is a curated summary based on third-party sources. Source: Read the original article

TAGGED:
Share This Article
Previous Article Mamba-3 Open Source Model Cuts Inference Costs vs Transformers
Next Article GlassWorm Abuses 72 Open VSX Extensions in Supply-Chain Attack
Archives