The EU Strikes Back: New Sanctions Target Chinese and Iranian Cyber Threat Actors
Ddos 
In a decisive move to protect the digital sovereignty of its member states, the Council of the EU has officially hit the “block” button on a series of international threat actors. By adopting new restrictive measures today, the EU is sending a clear message: malicious cyber activities targeting European infrastructure will face tangible, real-world consequences.
The latest round of sanctions targets three entities and two individuals across China and Iran, marking a significant expansion of the EU’s horizontal cyber sanctions regime.
Two of the primary targets are Chinese technology firms that the EU claims have turned commercial capabilities into weapons for state-aligned hacking.
- Integrity Technology Group: This company has been flagged for routinely providing products used to “compromise and access devices in EU member states, across Europe and worldwide”. The scale of their operations is staggeringβbetween 2022 and 2023, their technical support facilitated the hacking of over 65,000 devices across six different member states.
- Anxun Information Technology: Also based in China, this firm provided specialized hacking services “aimed at the critical infrastructure and critical functions of member states and third countries”.
- The Co-Founders: Two Chinese individuals were also listed today for their direct involvement in these attacks. As co-founders of Anxun, they were deemed “responsible for and involved in cyber-attacks affecting EU member states”.
The sanctions also extend to the Iranian company Emennet Pasargad. According to the Council, the group unlawfully accessed a French subscriber database and “advertised its contents for sale on the dark web”.
Perhaps most notably, the group attempted to manipulate public perception during one of the world’s biggest stages:
“They also compromised advertising billboards to spread disinformation during the 2024 Paris Olympic Games“.
Furthermore, their reach extended to Sweden, where they compromised an SMS service that impacted “a large number of EU citizens”.
Being added to the EUβs sanctions list is no mere formality. Those listed today face severe financial and physical restrictions designed to cripple their ability to operate within Europe:
- Asset Freezes: All funds and economic resources belonging to these entities and individuals within the EU are now frozen.
- Financial Embargo: EU citizens and companies are strictly “forbidden from making funds, financial assets or economic resources available” to the sanctioned parties.
- Travel Bans: The two individuals listed face a travel ban, prohibiting them from “entering or transiting through EU territories”.
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
