Chinese Police Shut Down ‘Black Hawk Safety Net’ Hacking School


There’s been a LOT of news lately about attacks from China, Chinese hackers and sites from China propagating malware.

The latest news is that China police have managed to shut down a hacker training operating that was schooling the next generation of Chinese script kiddies.

It seems like China is grooming a huge cyberarmy both in the private section (mostly underground) and in the government sector for cyber-terrorism.

Police in central China have shut down a hacker training operation that openly recruited thousands of members online and provided them with cyberattack lessons and malicious software, state media said Monday. The crackdown comes amid growing concern that China is a center for Internet crime and industrial espionage. Search giant Google said last month its e-mail accounts were hacked from China in an assault that also hit at least 20 other companies.

Police in Hubei province arrested three people suspected of running the hacker site known as the Black Hawk Safety Net that disseminated Web site hacking techniques and Trojan software, the China Daily newspaper said. Trojans, which can allow outside access to a computer when implanted, are used by hackers to illegally control computers. The report did not say exactly when the arrests took place.

Black Hawk Safety Net recruited more than 12,000 paying subscribers and collected more than 7 million yuan ($1 million) in membership fees, while another 170,000 people had signed up for free membership, the paper said.

With over 12,000 paying members they must have been raking in quite a tidy sum in membership fees. Estimated at $1million USD if you take into consideration the economy that’s a lot of money if there’s only 3 guys running the site.

It seems like the group has been around for quite a while, it’s rare to see a fairly underground hacking scene become so commercial.

I’m surprised it took 3 years to get shut-down, but then China has had it’s fair share of more serious problems to deal with.

The case can be traced to a hacking attack in 2007 on an Internet cafe in Macheng city in Hubei that caused Web services for dozens to be disrupted for more than 60 hours, the paper said. A few of the suspects caught in April said they were members of the Black Hawk Safety Net.

Black Hawk’s Web site 3800hk.com could not be accessed, but a notice purportedly from Black Hawk circulating on online forums said that a backup site had been set up. The notice also sought to reassure members of its continued operations and said its reputation was being smeared by some Internet users.

“At this time, there are Internet users with evil intentions who have deliberately destroyed Black Hawk’s reputation, deceived our members and stole material,” the notice addressed to members said. “We must join forces and attack these Web sites.”

A customer service officer contacted by phone, who refused to give his name, said the backup site provides content for its paying members to download course material to allow them to continue their computer lessons — though not in hacking. The Hubei government refused to comment Monday while officials at the provincial public security bureau did not respond to repeated requests for comment.

The site involved seems to be down still but rumors on related forums are that a backup site is already up, I’m sure it’s being kept private though and I suspect only the paying members will be notified of the new URL.

After this bust they’d be foolish not to be a little more cautious.

It’ll be interesting to see if any more news pops up about this Black Hawk Safety Net organization and if so what they are up to.

At least this time we can be pretty sure it’s not a CIA sting operation.

Source: Yahoo! News

Posted in: Hacking News

, ,


Latest Posts:


zBang - Privileged Account Threat Detection Tool zBang – Privileged Account Threat Detection Tool
zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations & red teams can use it to identify attack vectors
Memhunter - Automated Memory Resident Malware Detection Memhunter – Automated Memory Resident Malware Detection
Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving threat hunter analysis process.
Sandcastle - AWS S3 Bucket Enumeration Tool Sandcastle – AWS S3 Bucket Enumeration Tool
Sandcastle is an Amazon AWS S3 Bucket Enumeration Tool, formerly known as bucketCrawler. The script takes a target's name as the stem argument (e.g. shopify).
Astra - API Automated Security Testing For REST Astra – API Automated Security Testing For REST
Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs.
Judas DNS - Nameserver DNS Poisoning Attack Tool Judas DNS – Nameserver DNS Poisoning Attack Tool
Judas DNS is a Nameserver DNS Poisoning Attack Tool which functions as a DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation.
dsniff Download - Tools for Network Auditing & Password Sniffing dsniff Download – Tools for Network Auditing & Password Sniffing
Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network


One Response to Chinese Police Shut Down ‘Black Hawk Safety Net’ Hacking School

  1. yerd.na-rusfan.71 February 21, 2010 at 2:02 am #

    Oo 2012 (the end?) is nothing compared to this oO