In July 13, 2026, the Council of the European Union imposed restrictive measures against VK Company (VKontakte) and its subsidiary Communication Platform under its human rights sanctions regime, citing grave human rights violations in Russia . These entities are responsible for developing and managing the Max App – a smartphone application supervised by Russia’s Federal Security Service (FSB) that comes pre-installed on all mobile devices sold in Russia .
EU determined that the Max App includes “extensive surveillance features, later used for repressive actions against users criticising Russia’s war of aggression against Ukraine or posting other content banned by authorities” . According to the EU designation, VK “provides technical support for the suppression of civil society and democratic opposition” in Russia .
VK is Russia’s largest social network. According to official data for the first quarter of 2026, the platform’s average daily audience reached 62.7 million users, with a monthly audience of 93.4 million – representing 90% of Russia’s internet audience . The company’s overall ecosystem, including VKontakte, Odnoklassniki, Mail ru and other services, attracted 87.8 million daily active users in the same period.
Sanctions Target SORM Surveillance Infrastructure
The EU also imposed restrictive measures on three Russian companies that manufacture, develop, and sell hardware and software related to the so-called System of Operative Investigative Measures (SORM) – a surveillance system used to control internet and mobile communications in Russia :
-
Citadel
-
VAS Experts
-
Norsi-Trans
According to the EU Council, SORM is used to monitor phone calls, emails, text messages, and social networks, with the aim of “targeting journalists, opposition figures, minority groups and ordinary citizens” . The sanctions were imposed under the EU’s human rights framework established in March 2024 following the death of Alexei Navalny, which enables the bloc to target those providing support for serious human rights violations .
EU Sanctions FSB’s 16th Centre and Cyber Ecosystem
Under its cybersecurity sanctions regime, the EU imposed restrictive measures on nine individuals and four legal entities linked to Russia’s malicious cyber activities . The European Council officially named the 16th Centre of Russia’s Federal Security Service (FSB) – also known as the Center for Electronic Intelligence on Communications – as the entity controlling a range of cyber threat groups, including the notorious TURLA hacking group .
According to the EU statement, the FSB’s 16th Centre has for years carried out cyber operations of “growing severity” affecting EU member states and international partners, “notably Ukraine” . These activities have included infiltrating government networks and sabotaging critical infrastructure across at least nine European countries, including France, Germany, Poland, Cyprus, the Netherlands, Austria, Slovakia, Romania, and Finland.
UK Sanctions GRU Officers, Rybar Propaganda Network, and Cybercriminals
Following the EU’s announcement, the United Kingdom announced sanctions against 24 individuals and organisations “behind destructive cyber and hybrid operations, including cybercriminals involved in proxy networks linked to Russian intelligence services” .
The UK sanctions target:
GRU Leadership
High-ranking GRU leaders – Vyacheslav Stafeev, Ivan Senin, and Ivan Kasyanenko – were sanctioned for their role in directing GRU cyber and hybrid threat operations . The UK Foreign Office stated that GRU Unit 29155’s cyber division has worked with cybercriminals, including the company IMPULS, to recruit hackers and cyber specialists from universities across Russia .
Rybar Analytical Center
The UK imposed sanctions on employees of the so-called Information and Analytical Center “Rybar” – a propaganda media project covering the war against Ukraine with over 1.5 million subscribers on its Telegram channel . According to the UK government, Rybar is responsible for “spreading false narratives about Ukraine and interfering in European elections, including in Moldova and Armenia” .
The following employees of the Rybar project were included in the UK sanctions list:
| Name | Role |
|---|---|
| Tatiana Petrovna Kosterova | Responsible for translations |
| Olga Sergeevna Kuznetsova | Regional manager |
| Natalia Vitalievna Chebotaeva | Video producer |
| Maxim Vitalievich Matveev | Designer |
| Evgenia Aleksandrovna Grebneva | Administrator of Telegram groups |
| Alexander I. Minin | Responsible for content of the TEXASvsUSA project |
| Daria Roslyakova | Head of regional analytical department |
| Alexander Klimovich Kahn | Head of video department |
| Valeria Vladimirovna Zvinchuk | Creative director |
| Denis Valerievich Wolf | Founder of LLC “Rybar” |
The UK also sanctioned IMPULS company for collaborating with the GRU in recruiting cyber specialists, as well as operators of the Lumma Stealer malware, which has affected at least 2,100 individuals in the UK over the past six months.
