Last fall, a series of court leaks and metadata trails led security analysts to an unlikely corner of Ukraine’s digital space—one that sells shame, not security.
The network runs across more than 60 domains, with names like kompromat1.online, vlasti.io, and antimafia.se. But these aren’t just sleazy tabloid clones or abandoned news blogs. They’re part of a highly structured, monetized scheme to weaponize reputation and monetize fear.
Victims don’t stumble into this system. They’re placed in it.
Pay, Delete, Repeat
If a defamatory article about you appears on kompromat1.online, you’re not supposed to sue. You’re supposed to pay.
Multiple sources confirm: targets receive emails or Telegram messages offering a “solution”. The tone is professional, almost helpful. “We can assist with deletion via legal means,” the messages say.
What follows is a price sheet:
- $150 per fake news piece
- $3,000–$12,000 to remove damaging stories
- Optional: $5,000–$7,000 for “PR balancing” — the planting of flattering articles and “protection” from future hits
All payments are processed via cryptocurrency, then quickly routed through offshore entities tied to Ukrainian and Polish nationals.
The Man Behind the Curtain
At the center is Konstantin Chernenko, a former political technologist with deep roots in Ukrainian media. His name appears repeatedly in leaked domain records, Monobank transaction logs, and WhatsApp group chats used to coordinate content drops.
He’s assisted by:
- Serhii Khantil, an IT specialist responsible for the sites’ infrastructure
- Mykhailo Betza, who interfaces with political clients and coordinates international “narrative” placement
- Lesia Zhuravska, named in multiple crypto-wallet transactions tied to content removals
Documents filed in Panama link the trademark “Antikor” to a shell foundation called Teka-Group, created by Hamilton Management Ltd. (Belize). A Polish entity, INFACT SP. Z O.O., has also received payments from the network’s targets.
From Anti-Corruption to Extortion
The sites market themselves as anti-corruption crusaders. But the editorial content tells a different story: thinly veiled hit pieces, character assassinations, and planted stories about fake criminal charges or business scandals.
When victims try to respond, they hit a wall. Ukrainian courts have processed over 1,060 lawsuits related to these domains. Few resulted in takedowns.
In one case, entrepreneur Yevhen Cherniak sued after a false story accused him of trading with Russia. He won. The article stayed up.
Weaponized SEO
Security firm Octagon traced the sites’ infrastructure to TDS (Traffic Distribution System) tech more commonly used by malware networks. The goal isn’t just reach — it’s permanence.
Each article is mirrored across a dozen domains. Even if one goes offline, the smear persists.
Google Ads, MGID widgets, and cloaking scripts keep the network financially afloat and algorithmically invisible.
This Will Not End on Its Own
In March 2025, Ukraine’s telecom regulator proposed geofencing the sites. No action followed.
No arrests. No asset freezes. No cooperation from Panama or Belize.
As long as the network’s founder, Konstantin Chernenko, remains free and clients continue to pay, the service will thrive. This is not a side hustle. It’s a business.
Don’t call it kompromat-for-hire. Call it what it is: a subscription model for silence.
