The Council of the European Union has placed sanctions on three companies and two individuals from China and Iran over cyberattacks that targeted devices and critical infrastructure.
One of the Chinese companies, Integrity Technology Group, was accused of giving technical and material support between 2022 and 2023 that helped hackers compromise more than 65,000 devices across six EU countries.
The second Chinese company, Anxun Information Technology, was accused of providing hacking services aimed at critical infrastructure and other key functions in EU member states and in other countries.
The two individuals added to the sanctions list are the co-founders of Anxun Information Technology. EU officials believe they played an important role in cyberattacks against member states.
The Iranian company named in the sanctions is Emennet Pasargad. It has been linked to several influence campaigns and to the hacking of an SMS service in Sweden.
The company was also blamed for hijacking digital billboards during the 2024 Paris Olympics to spread false information.
Microsoft has previously linked Emennet Pasargad to the online name Holy Souls. In early January 2023, that actor reportedly offered to sell personal data from 230,000 subscribers of the French magazine Charlie Hebdo.
The asking price was 20 bitcoins, which was worth about $340,000 at the time. A sample of the stolen data was also published, including names and home addresses of subscribers.
Emennet Pasargad is believed to have provided cybersecurity services for the Iranian government and has a long record of running influence operations. In November 2021, the US Department of Justice announced a reward of up to $10 million for information on two Iranian nationals linked to the company.
The European Council said all those listed under the sanctions now face an asset freeze. EU citizens and companies are banned from making funds or economic resources available to them. The individuals also face a travel ban that stops them from entering or passing through EU territory.
Integrity Technology Group was linked by the FBI in 2024 to the Raptor Train botnet, which is believed to have been run by the Chinese state-backed group Flax Typhoon.
In January 2025, the US Treasury Department also sanctioned the company for helping build the Raptor Train network, which reportedly grew to 260,000 infected devices.
In March 2025, the US Justice Department sanctioned Anxun Information Technology, also known as i-Soon, saying it had advertised hacker-for-hire services and had carried out cyberattacks since at least 2011.
In February 2024, i-Soon was hit by a major data leak that exposed its internal operations, offensive tools, and its role as a China-linked hacking contractor.
US authorities also offered rewards of up to $10 million for information leading to the location of 10 i-Soon executives and technical staff members.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
The European Union began using cyber sanctions in 2019. With these latest actions, the bloc now has restrictions in place against 19 individuals and seven entities linked to malicious cyber activity.
