The European Union has imposed sanctions on Russian technology company VK, the owner of the social networks VK and Odnoklassniki, as well as other services. The state-backed messenger Max was also targeted through its developer, Communication Platform LLC, a VK subsidiary. The restrictions were listed in a document published on the EU’s official legal portal on July 13.
The EU decision said Max was developed under the supervision of Russia’s Federal Security Service (FSB) and that its rollout was accompanied by state-backed restrictions on WhatsApp and Telegram, as well as measures limiting the use of VPN services that allow users to access content blocked in Russia.
According to analysis by numerous experts, Max functions as spyware that monitors users by collecting data on apps installed on their phones, address books, geolocation, and VPN use. The EU also noted that information collected through Max has already been used as grounds to fine a Russian citizen.
As for VK itself, the EU said the company actively cooperated with Russian authorities and aided repression, including by providing the country’s security services with data on users who posted content criticizing Russia’s war against Ukraine or other “banned” information. VK also took part in the government’s campaign to block VPNs.
“Therefore, VK provides technical support for the repression of civil society and democratic opposition,” the EU decision said.
Apps linked to VK had previously been removed from Apple’s App Store.
In addition to VK and Communication Platform LLC, the EU sanctioned three other legal entities: VAS Experts, Norsi-Trans and Citadel. The companies are involved in developing and supplying software and equipment for SORM, Russia’s system for operative-search measures, a surveillance infrastructure used by the FSB to monitor citizens.
The list was also expanded to include 11 individuals, including Elena Bagudina, general director of Communication Platform LLC, as well as executives at VAS Experts, Norsi-Trans and Citadel: Dmitry Gachko, Sergei Ovchinnikov, and Mikhail Fomin.
Since the start of 2026, the state messenger has been operated by a legal entity called Max LLC, led by CEO Farit Khusnoyarov. Neither he nor the company he heads was included in the sanctions list.
The EU also imposed restrictions on people linked to Penal Colony No. 10 in Mordovia: its former head Alexander Gnutov, deputy officials Alexei Anashkin, Yegor Averkin, Alexander Grishanin, Semyon Kuznetsov and Ivan Veshkin, and medical unit head Galina Mokshanova. The EU accuses them of involvement in torture and other human rights violations.
Separately, the EU imposed sanctions on nine people and four organizations it says were involved in Russian cyberattacks. The list includes private companies, along with people described as Russian military intelligence officers, cybercriminals, and pro-Russian hacktivists. The EU says they took part in attempts to destabilize EU member states and international partners.
The Official Journal of the EU, reviewed by The Insider, lists the people targeted. Vitaly Kovalev is described as one of the leaders of the Trickbot and Conti hacker groups and is linked to the Wizard Spider group. Alexander Volosovik is described as the owner of Media Land, a hosting provider whose infrastructure was used to carry out attacks. Denis Degtyarenko is identified by the EU as one of the main hackers in the Cyber Army of Russia Reborn group. Yuliya Pankratova is described as a member of the same group and founder of Z-Pentest. Maxim Voronin and Maxim Gordienko are described as developers and distributors of LummaC2, a data-stealing malware program.
Evgeniy Bashev and Roman Puntus are linked to GRU Unit 29155, whose activities have been extensively covered by The Insider. Bashev provided hackers with technical infrastructure through the company Impuls (lit. "Impulse"), while Puntus organized and coordinated cyberattacks.
The ninth person listed is Lt. Gen. Ivan Kasyanenko, deputy head of the GRU’s Special Operations Service. He was added to a separate sanctions list over his involvement in Unit 29155’s activities.
The Council of the EU also blamed a number of cyberattacks on Russia’s FSB 16th Center. Brussels says the unit controls several hacker groups, including Turla, which has been linked to hacks of government networks and sabotage against critical infrastructure in EU countries and Ukraine.
According to the Council of the EU, the operations targeted France, Germany, Poland, Cyprus, the Netherlands, Austria, Slovakia, Romania, and Finland. In France, the FSB’s 16th Center has conducted cyberespionage against state institutions since 2010 and began attacking defense industry companies in 2025. In Germany, state agencies were targeted, while in Poland the unit is linked to sabotage attacks on critical infrastructure, including combined heat and power plants.
The EU says Russia uses a network of state and nonstate actors to carry out cyberattacks. In addition to intelligence services, the network includes cybercriminal groups, hacktivists, and private companies that act on orders from or under the control of Russian authorities. The EU said it intends to coordinate its response with the UK, NATO, and other international partners.
The Insider previously reported that Turla has been linked to the FSB’s 16th Center and other cyberespionage campaigns. In 2025, Microsoft said hackers disguised the ApolloShadow malware as antivirus software from Kaspersky Lab and used it to attack foreign embassies in Moscow.
A year earlier, researchers at the Slovakia-based cybersecurity firm ESET found Turla-linked malware called LunarWeb and LunarMail in the network of a European country’s Foreign Ministry and in three of its diplomatic missions in the Middle East.
In 2023, the FBI dismantled a global network of computers infected with Snake, malware created by Turla and used to steal confidential documents from NATO countries and to spy on journalists.







