Jan 27 2008
There once was a website named heikeba.com (黑客吧), but alas no more. The site was run by three Hangzhou University students named Lin Yupeng (林宇鹏), Lin Cailong(林才龙) and Yao Pingqiang (姚平强). These young entrepreneurs dealt in massive numbers of Trojans. Reports have stated that they had an extensive collection of malware and at the time of the website’s demise, there were over 500 for sale. Heikeba.com had over 25,000 registered users and 100 VIP members. Toward the end, the site was averaging around US $2,700 a month and in less than nine months since its start in January of 2007, had made close to US $14,000.
So, what happened to heikeba.com? It seems that on 13 September 2007, the group was actually arrested and taken away by police for selling illegal programs. According to Liu Yuechuan (刘悦川), the police officer who conducted the investigation, he used VIP membership to get into the site and was shocked that it contained so many Trojans. He was also amazed at the number of viruses hidden on the site. The website was considered one of the largest distributors of malware in the country.
What makes this so unusual is that it hardly ever happens and certainly not
with this much publicity. There is hardly a Chinese hacker website that doesn’t sale or distribute some sort of malicious program and you don’t need VIP membership to discover it. What these guys really did or who they angered is still a mystery. Maybe it was just time to set an example.
Here is the CCTV special on the investigation and the arrest. It has a lot more details and I will do my best to give you an updated gist of the program.