The European Council has adopted new sanctions against three companies and two individuals accused of carrying out cyberattacks targeting EU member states and international partners.
Among the sanctioned entities is Integrity Technology Group, which the EU says routinely supplied tools used to compromise devices across Europe and worldwide. According to EU officials, between 2022 and 2023, support linked to the company enabled the hacking of more than 65,000 devices across six EU member states.
Anxun Information Technology, another Chinese company, was listed for allegedly providing cyberattack services targeting critical infrastructure and essential state functions in EU countries and third states. Two Chinese nationals identified as co-founders of the company were also added to the sanctions list for their alleged role in cyber operations affecting EU member states.
The Council additionally sanctioned the Iranian company Emennet Pasargad. EU authorities say the firm unlawfully accessed a French subscriber database and attempted to sell the data on the dark web. It was also accused of compromising digital advertising billboards to spread disinformation during the 2024 Paris Olympic Games and of breaching a Swedish SMS service, affecting a large number of EU citizens.
Under the EU’s cyber sanctions regime, those listed face asset freezes, and individuals and companies within the EU are prohibited from providing them with funds or economic resources. The two sanctioned individuals are also subject to travel bans, preventing them from entering or transiting through EU territory.