EU Sanctions Chinese and Iranian Firms Over Massive Cyberattacks on Critical Infrastructure

Introduction: Europe Tightens Its Cybersecurity Defenses

Cyber warfare is no longer a distant threat. Governments around the world are increasingly facing sophisticated digital attacks targeting infrastructure, institutions, and even public opinion. In response to growing concerns about state-linked cyber operations, the Council of the European Union has announced new sanctions against several companies and individuals accused of supporting large-scale cyberattacks across Europe.

The sanctions target organizations from both China and Iran that are believed to have conducted hacking operations, influence campaigns, and infrastructure attacks affecting multiple countries. These measures highlight the European Union’s increasing willingness to publicly attribute cyber operations and impose economic penalties against those responsible.

EU Targets Companies Behind Major Cyber Campaigns

The European Union has officially sanctioned three companies and two individuals linked to cyber operations targeting devices and critical infrastructure. Among the organizations named are Chinese cybersecurity contractors and an Iranian company involved in influence operations and data breaches.

One of the sanctioned Chinese firms, Integrity Technology Group, allegedly provided technical and material assistance between 2022 and 2023 that enabled attackers to compromise more than 65,000 internet-connected devices across six EU member states. The scale of the intrusion demonstrates how vulnerable connected systems remain when coordinated botnet operations are deployed.

Another company, Anxun Information Technology, also known as i-Soon, was identified as a hacking contractor that offered cyber intrusion services targeting critical infrastructure and government functions both within EU member states and abroad. Investigators believe the company played a central role in orchestrating offensive cyber activities over several years.

The EU sanctions also extend to two individuals connected to Anxun Information Technology. Both are co-founders of the company and are suspected of directing or enabling cyber operations targeting European entities.

Iranian Firm Linked to Influence Campaigns and Data Theft

The third company sanctioned by the EU is the Iranian firm Emennet Pasargad. This organization has been associated with multiple influence campaigns aimed at manipulating public perception and spreading misinformation.

One notable incident attributed to the company involved the compromise of an SMS messaging service in Sweden, which allowed attackers to interfere with communications and potentially spread misleading information.

The company was also linked to a bizarre but effective disinformation tactic during the 2024 Paris Olympics, where digital advertising billboards were reportedly hijacked to display misleading messages designed to influence public opinion.

According to Microsoft threat intelligence reports, the actors behind Emennet Pasargad also operated under the hacker forum alias “Holy Souls.” In early January 2023, the group attempted to sell personal information belonging to approximately 230,000 subscribers of the French satirical magazine Charlie Hebdo.

The hackers demanded 20 bitcoins, valued at roughly $340,000 at the time, in exchange for the stolen data. To demonstrate the authenticity of the breach, they published sample records that included names and addresses of subscribers.

Investigators believe Emennet Pasargad has long worked as a cybersecurity contractor for the Iranian government, participating in influence operations and digital espionage campaigns.

Previous Investigations and U.S. Sanctions

The European sanctions come after several investigations conducted by U.S. authorities. In 2024, the Federal Bureau of Investigation linked Integrity Technology Group to the massive “Raptor Train” botnet operation.

The botnet is believed to be operated by the Chinese state-sponsored threat group Flax Typhoon. This operation reportedly built a network of more than 260,000 compromised devices around the world, turning them into remotely controlled systems capable of launching further attacks.

Because of its involvement, the United States Department of the Treasury imposed sanctions against Integrity Technology Group in January 2025.

Meanwhile, the United States Department of Justice also sanctioned Anxun Information Technology in March 2025. Authorities accused the company of openly advertising hacker-for-hire services and conducting cyberattacks since at least 2011.

A significant turning point occurred in February 2024 when a massive internal data leak exposed the operations of Anxun Information Technology. The leaked information revealed internal documents, offensive cyber tools, and evidence suggesting the company functioned as a hacking contractor aligned with Chinese interests.

Following the leak, U.S. authorities offered rewards of up to $10 million for information leading to the location of ten executives and technical staff members associated with the company.

EU Cyber Sanctions Framework Expands

The European Union began implementing a formal cyber sanctions framework in 2019 to counter malicious digital activities targeting its institutions and member states.

Under this framework, individuals and organizations responsible for cyberattacks can face severe penalties, including asset freezes and travel restrictions. Those listed are prohibited from accessing funds within EU jurisdictions, and European citizens and companies are forbidden from providing financial support to them.

Additionally, sanctioned individuals are subject to travel bans preventing them from entering or passing through EU territories.

As of today, the EU cyber sanctions program includes 19 individuals and seven organizations accused of participating in malicious cyber activities ranging from espionage to digital sabotage.

What Undercode Says:

Cyber Sanctions Are Becoming a New Geopolitical Weapon

The latest sanctions demonstrate a growing global trend: cyber operations are now treated with the same seriousness as traditional geopolitical threats. Governments increasingly view digital attacks as acts that can justify economic retaliation.

Hackers-for-Hire Are Blurring State and Private Boundaries

One of the most striking aspects of the case is the role of companies like Anxun Information Technology. These firms operate in a grey zone between private contractors and state intelligence operations. Governments can deny direct responsibility while still benefiting from their capabilities.

Botnets Remain One of the Most Dangerous Cyber Weapons

The Raptor Train botnet illustrates how vulnerable modern infrastructure remains. Hundreds of thousands of compromised devices can be weaponized to launch distributed attacks, espionage campaigns, or disinformation operations.

Many of these infected devices are everyday consumer technologies, including routers, cameras, and IoT equipment. Their security is often weak, making them ideal targets for botnet operators.

Information Warfare Is Expanding Beyond Traditional Targets

The activities attributed to Emennet Pasargad reveal that cyber operations are no longer limited to espionage or infrastructure attacks. Influence campaigns targeting media outlets, public messaging systems, and social perception are becoming equally important.

Hijacking advertising billboards during a major global event like the Paris Olympics shows how psychological impact can sometimes be more valuable than direct technical damage.

Data Breaches Are Being Monetized as Political Tools

The attempted sale of Charlie Hebdo subscriber data demonstrates how stolen information can be used not just for profit but also for intimidation and political messaging. Publishing personal data linked to a controversial publication carries obvious ideological implications.

International Cooperation Is Strengthening Cyber Enforcement

Another important aspect is the coordination between EU and U.S. authorities. Both governments investigated the same organizations and imposed sanctions independently but with aligned conclusions.

This coordinated pressure increases the effectiveness of sanctions by restricting global financial and travel options for those involved.

Cyber Attribution Is Becoming More Confident

In the past, governments were hesitant to publicly attribute cyberattacks. Today, intelligence agencies are increasingly confident in identifying actors and linking them to companies, contractors, and sometimes entire state-sponsored groups.

This shift is changing the rules of cyber conflict.

The Future Battlefield Is Digital Infrastructure

Critical infrastructure is now a central target for cyber operations. Energy networks, communications systems, transportation platforms, and digital services are increasingly integrated and interconnected.

That interconnectedness makes them powerful but also vulnerable.

Defensive Cyber Policy Is Still Catching Up

Despite stronger sanctions frameworks, defensive cybersecurity measures across many sectors remain inconsistent. Many attacks still succeed because organizations fail to patch systems, update software, or implement proper monitoring.

Cyber Sanctions May Only Be the Beginning

Economic sanctions are one of the few tools governments currently use to respond to cyberattacks. However, as cyber warfare intensifies, countries may eventually adopt stronger deterrence strategies, including counter-cyber operations.

Fact Checker Results

✅ The European Union has sanctioned multiple companies and individuals linked to cyberattacks targeting EU infrastructure.
✅ Integrity Technology Group and Anxun Information Technology were previously investigated and sanctioned by U.S. authorities for cyber activities.
✅ Emennet Pasargad has been associated with influence campaigns and cyber operations linked to the Iranian government.

Prediction

🔮 Governments will increasingly sanction private cybersecurity contractors involved in state-linked hacking operations.
🔮 Botnet-based attacks targeting IoT devices and infrastructure will continue growing over the next decade.
🔮 International alliances may develop stronger joint cyber defense and retaliation frameworks to counter large-scale digital threats.

References:

Reported By: www.bleepingcomputer.com