CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

EU sanctions Chinese and Iranian entities for state-backed cyber operations and influence campaigns

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

The Council of the European Union imposed sanctions on three Chinese companies, two Iranian entities, and two individuals for their roles in cyberattacks, botnet operations, and influence campaigns targeting the EU and third countries. The measures include asset freezes and travel bans, targeting entities and individuals involved in compromising over 65,000 devices, critical infrastructure intrusions, SMS service hijacking, and misinformation campaigns during major events. The sanctions align with prior actions by U.S. authorities, which previously linked some entities to state-sponsored threat actors and documented extensive offensive operations.

Timeline

  1. 17.03.2026 20:41 1 articles · 1h ago

    EU sanctions Chinese and Iranian entities for state-backed cyber operations and influence campaigns

    The Council of the European Union sanctioned three Chinese companies (Integrity Technology Group and Anxun Information Technology), two Iranian entities (including Emennet Pasargad), and two individuals for cyberattacks, botnet operations, and influence campaigns targeting EU member states and third countries. Sanctions include asset freezes, prohibitions on financial dealings, and travel bans. Integrity Technology Group was linked to the 'Raptor Train' botnet tied to the Chinese state-sponsored actor Flax Typhoon. Anxun Information Technology (i-Soon) was previously sanctioned by the U.S. for hacker-for-hire operations and a 2024 data leak exposed its offensive toolkit. Emennet Pasargad was attributed influence operations, SMS hijacking, and misinformation campaigns during the 2024 Paris Olympics.

    Show sources
    Open in new tab

Information Snippets

  • The EU sanctioned two Chinese companies: Integrity Technology Group for providing technical support that enabled the compromise of over 65,000 devices across six EU states (2022–2023), and Anxun Information Technology (i-Soon) for hacking services targeting critical infrastructure in EU member states and third countries since at least 2011.

    First reported: 17.03.2026 20:41
    1 source, 1 article
    Show sources

  • The EU added two individuals to the sanctions list: the co-founders of Anxun Information Technology, believed to have played significant roles in cyberattacks against EU member states.

    First reported: 17.03.2026 20:41
    1 source, 1 article
    Show sources

  • The sanctioned Iranian company, Emennet Pasargad, was attributed influence campaigns, compromise of an SMS service in Sweden, and hijacking advertising billboards to spread misinformation during the 2024 Paris Olympics.

    First reported: 17.03.2026 20:41
    1 source, 1 article
    Show sources

  • Microsoft attributed the persona 'Holy Souls' to Emennet Pasargad, which in January 2023 offered to sell personal data of 230,000 Charlie Hebdo subscribers for 20 bitcoins (~$340,000), publishing sample data including names and addresses.

    First reported: 17.03.2026 20:41
    1 source, 1 article
    Show sources

  • U.S. sanctions and indictments previously linked Integrity Technology Group to the 'Raptor Train' botnet operated by the Chinese state-sponsored actor 'Flax Typhoon', which grew to 260,000 infected devices by January 2025.

    First reported: 17.03.2026 20:41
    1 source, 1 article
    Show sources

  • Anxun Information Technology (i-Soon) was sanctioned by the U.S. Treasury in March 2025 for advertising hacker-for-hire services and executing cyberattacks since at least 2011. A February 2024 data leak exposed the company’s internal operations and offensive toolkit.

    First reported: 17.03.2026 20:41
    1 source, 1 article
    Show sources

  • EU sanctions prohibit asset transfers, financial dealings, and impose travel bans on listed individuals and entities, restricting their ability to operate in EU jurisdictions.

    First reported: 17.03.2026 20:41
    1 source, 1 article
    Show sources