The Council of the **European Union** has sanctioned three Chinese and Iranian companies and two individuals for cyberattacks targeting devices and critical infrastructure. ### Sanctioned Entities One of the sanctioned Chinese companies, **Integrity Technology Group**, provided "technical and material support" between 2022 and 2023, leading to the compromise of over 65,000 devices across six EU member states. The other Chinese company, **Anxun Information Technology**, is accused of providing hacking services targeting "critical infrastructure and critical functions of member states and third countries." The two individuals added to the Council's sanctions list are the co-founders of **Anxun Information Technology**, believed to have played a significant role in cyberattacks against EU member states. The sanctioned Iranian company is **Emennet Pasargad**, which has been linked to multiple influence campaigns and the compromise of an SMS service in Sweden. ### Emennet Pasargad's Activities **Emennet Pasargad** has allegedly been involved in hijacking advertising billboards to spread misinformation during the 2024 Paris Olympics. According to **Microsoft**, using the moniker Holy Souls on a hacker forum, the actor also offered in early January 2023 to sell personal information of 230,000 subscribers of the French magazine Charlie Hebdo. Holy Souls asked for 20 bitcoins, worth around $340,000 at the time, and published a sample of the stolen details, which included Charlie Hebdo subscriber names and addresses.  **Emennet Pasargad** is believed to have provided cybersecurity services for the Iranian government and has a long history of influence campaigns. In November 2021, the U.S. Department of Justice offered a [$10 million reward](https://www.bleepingcomputer.com/news/security/us-indicts-iranian-hackers-for-proud-boys-voter-intimidation-emails/) for two Iranian nationals who worked as contractors for the company. ### Sanctions Imposed “Those listed today under both regimes are subject to an asset freeze, and EU citizens and companies are forbidden from making funds, financial assets, or economic resources available to them. Natural persons also face a travel ban that prohibits them from entering or transiting through EU territories,” notes the **European Council**. ### Integrity Technology Group and Flax Typhoon **Integrity Technology Group** was connected by the **FBI** in 2024 to the ‘Raptor Train’ botnet, believed to be operated by the Chinese state-sponsored threat actor ‘Flax Typhoon.’ In January 2025, the U.S. Treasury Department [sanctioned the company](https://www.bleepingcomputer.com/news/security/us-sanctions-chinese-company-linked-to-flax-typhoon-hackers/) for its involvement in these cyberattacks, allowing the Raptor Train to build a massive network of 260,000 infected devices. ### Anxun Information Technology (i-Soon) In March 2025, the U.S. Justice Department [sanctioned **Anxun Information Technology**](https://www.bleepingcomputer.com/news/security/us-charges-chinese-hackers-linked-to-critical-infrastructure-breaches/) (also known as i-Soon) for advertising hacker-for-hire services and carrying out cyberattacks since at least 2011. In mid-February 2024, [i-Soon suffered a data leak](https://www.sentinelone.com/labs/unmasking-i-soon-the-leak-that-revealed-chinas-cyber-operations/) that exposed the company's internal operations as a China-affiliated hacking contractor and its offensive toolkit. The U.S. authorities also announced rewards of up to $10 million for valid information leading to the location of 10 **Anxun Information Technology** executives and technical staff members. The [European Union started imposing cyber sanctions](https://www.consilium.europa.eu/en/policies/sanctions-against-cyber-attacks/timeline-sanctions-cyber-attacks/) in 2019 and, as of today, the restrictions target 19 individuals and seven entities responsible for malicious cyber activities.