Browsing through all of the archived answers on this site I became
aware of a recurring piece of spam posted in the GA comments area of
several questions.

The offending pieces of spam can be viewed here, in this saved search

http://answers.google.com/answers/search?q=h4ckzone+OR+hirehackers+OR+http%3A%2F%2Fwww.hackv2.com&qtype=all&btnG=Google+Search

Three different identities, same basic claims about hacking e-mail
accounts.  All likely the same people (person).  I was just wondering
how much can be discovered about organizations like this.

Anybody who can tell me anything about this organization running this,
and tell me exactly what internet resources were used to "mine" this
sort of data from the web, gets my money.  I'm most interested having
the tools to investigate the shadowy parts of the web with reliable
information, not the abundant misinformation "planted" throughout the surface web.

I will tip generously for an especially inventive, complete answer.

I realize my question may be confusing, feel free to ask for clarification

Hello johnny_moniker,

In cached versions, you can still see several of the posts that were
on Google Answers:

"I think my wife is cheating" (Google cache from Sep 8, 2005)
Google Answers
http://64.233.167.104/search?q=cache:iGWKEczUOegJ:answers.google.com/answers/threadview%3Fid%3D447934

"Breast Implants" (Google cache from Sep 12, 2005)
Google Answers
http://64.233.167.104/search?q=cache:KavQvIAUGywJ:answers.google.com/answers/threadview%3Fid%3D554173

"Dating" (MSN cache from 9/10/2005)
MSN
http://cc.msnscache.com/cache.aspx?q=2231288243375&lang=en-US&FORM=CVRE

"fun things to do with a date" (MSN cache from 9/10/2005)
MSN
http://cc.msnscache.com/cache.aspx?q=2231288243256&lang=en-US&FORM=CVRE2

"Russian Bride" (MSN cache from 9/10/2005)
MSN
http://cc.msnscache.com/cache.aspx?q=2231228685282&lang=en-US&FORM=CVRE3

It seems that two of the sites you mention, http://www.h4ckzone.com/
and http://www.hackv2.com/, are indeed from the same person or
organization, apparently located in India.  They were even created on
the same date.

"H4ckzone.com"
Whois Source
http://www.whois.sc/h4ckzone.com

"Hackv2.com"
Whois Source
http://www.whois.sc/hackv2.com

The registration information is dubious: the telephone number includes
"12345678," while "c/o SANTOSH JHA" apparently refers to accused
scammer Santosh Jha, mentioned in various articles such as:

"Kingpin Santosh Jha surrenders" (June 2, 2005)
The Tribune [Chandigarh, India]
http://www.tribuneindia.com/2005/20050602/nation.htm

It also seems that both sites have appeared at .tk addresses.

http://www.h4ckzone.tk/ (MSN cache from 9/2/2005)
MSN
http://cc.msnscache.com/cache.aspx?q=2191347581474&lang=en-US&FORM=CVRE

http://www.hackv2.tk/ (MSN cache from 9/7/2005)
MSN
http://cc.msnscache.com/cache.aspx?q=2195797444366&lang=en-US&FORM=CVRE

Unfortunately, the Whois server for .tk URLs (http://whois.dot.tk/) is
not working at the moment.  Perhaps if and when it works again, it
will reveal additional helpful information.

The third site that you mention seems to have its origin in Brazil.

"Hirehackers.net"
Whois Source
http://www.whois.sc/hirehackers.net

Its US registration information, at least, is doubtful, in part due to
the same kind of unlikely telephone number as that for the other two
sites (in this case, including "1 234 56789").

A copy of the site is found at:

Hire Hackers
http://www.hirehackers.da.ru/

- justaskscott


Search strategy --

Searched on Whois Source for:

hirehackers.net
h4ckzone.com
hackv2.com

Searched on Google, Ixquick, and MSN for one or more of the following
terms, individually or in combinations:

hirehackers
h4ckzone
hackv2
"google answers"
site:hirehackers.net
site:h4ckzone.com
site:hackv2.com
h4ckzone.tk
hackv2.tk
whois
tk
santosh jha

[I tried other searches as well; but the searches I've mentioned led
me to the pages I've cited.]

The good people in Mountain View have been advised, so there is a good
chance that all the comments will be deleted in the course of Cal. AM
time.  You probably noticed that the posting appeared a second time
with a different user name on the first question that comes up with
your link, that one Sept. 11.  The others all were posted within a few
minutes on Sept. 10, maybe after a search on "sex", "relationship" or
the like to sleect target questions.
The posters were obviously pretty savvy about GA, since the "subject"
line was changed when posting the comments, something that even some
avid commenters did not know was possible.
Yes it would be very interesting.