From Online Lie to Offline Riot: What Torre Pacheco Reveals About Coordinated Hate Campaigns

How a wave of misinformation, impersonation, and doxxing fueled anti-migrant violence in Spain, and what Trust and Safety teams can learn.

Introduction

According to reports, over the weekend of 11 to 13 July 2025, the small Spanish town of Torre Pacheco in Murcia became the epicenter of violent anti-migrant riots. Sparked by a real-world assault on a pensioner on July 9, the situation quickly escalated, not because of facts, but because of false narratives spreading rapidly across social and fringe platforms.

ActiveFence’s misinformation researchers had long tracked the networks behind these escalations. We identified early calls to violence, traced the spread of disinformation, and surfaced patterns of cross-country coordination that drove the unrest.

A Surge of Misinformation Fueled the Violence

What began as online outrage quickly evolved into dangerous offline mobilization. Key elements of the misinformation surge included:

• Misattributed video: A video of an unrelated assault in Almería was falsely labeled as footage of the Torre Pacheco incident, stoking ethnic tensions.
• Doxxing: PII of North African men, unrelated to the assault, was widely circulated with explicit calls for revenge.
• Impersonation: A fake statement attributed to the Torre Pacheco Town Hall calling for anti-migrant actions was picked up by Russian state-affiliated media, lending it false credibility.
• Misleading content: Unrelated videos of street fights were reframed to suggest violent migrant attacks during the unrest.
• Imported narratives: Far-right accounts from across Europe framed the incident as evidence of a “Great Replacement” conspiracy.

This storm of falsehoods spread across fringe platforms and mainstream networks alike, amplified by well-connected extremist groups and disinformation actors.

Who’s Behind It: Decentralized Hate Networks

At the center of the online coordination was Telegram group #DeportThemNow, whose Spanish admin was arrested for hate speech after promoting “migrant hunts” in Torre Pacheco.

But this group wasn’t operating in isolation. It is part of a broader, transnational network of anti-migrant channels with branches in France, Germany, UK, Italy, Poland, and the Netherlands. These groups routinely rebrand, use Telegram for planning and X (formerly Twitter) for amplification, and spread low-effort AI-generated memes and violent rhetoric under the guise of “community protection.”

Crucially, these actors mix real crime stories with manipulated content to stoke emotional responses and justify violence.

A Familiar and Established Local Actor

Another known figure also played a role: Daniel Esteve, leader of Desokupa, infamous for organizing extrajudicial “evictions” of migrant families. ActiveFence first documented Esteve’s coordinated online campaigns back in 2023. His ability to mobilize both digital and physical action continues to make him a dangerous vector of hate-fueled mobilization.

Platform Gaps Exposed

Despite platform policies, much of the content that drove the violence remained live for days across languages and accounts. The events revealed several platform weaknesses:

• Slow response to geo-specific threats
• Coordinated inauthentic behavior through bots and impersonation tactics
• The illusion of legitimacy through fake official statements
• Emotionally manipulative content that spreads faster than fact-checking can keep up

Why This Matters

Torre Pacheco is not an isolated incident; it’s part of an emerging pattern of hybrid threats where misinformation, hate networks, and platform vulnerabilities converge.

For Trust & Safety teams, the takeaways are clear:

• Online hate is increasingly multilingual, cross-border, and intentionally provocative.
• Escalations are not random; they are architected by networks that blend real incidents with false narratives.
• The goal is not merely to spread lies. It’s to incite action.

How ActiveFence Helps

At ActiveFence, our Threat Intelligence capabilities are built to detect these patterns early, before they escalate. We identify coordinated narratives, monitor the evolution of digital hate campaigns, and provide enforcement-ready intelligence to help platforms mitigate risk in real time.

If you’re building GenAI, social platforms, or community-driven services, understanding how disinformation and extremist content evolves is essential to keeping users safe, and your platform compliant.

Want to better detect and respond to threats like those seen in Torre Pacheco? Speak to our Threat Intelligence team.