Millions of users caught in the phishing trap
A fake version of the online library Z-Library has attracted millions of visitors and tapped into their personal data.
(Image: Erzeugt mit Dall-E durch heise online)
Ten million users apparently thought they had stumbled across one of the recurring mirror servers of the e-book piracy website Z-Library. But instead of getting cheap access to e-books, they were in for a nasty surprise after registering. The server operators collected millions of customers' personal data, passwords, crypto addresses and possibly also payments.
As the online portal Cybernews reports, the collected data was then apparently passed on to other criminals and the investigating authorities. During research, the Cybernews team of experts uncovered a disclosed database containing almost 10 million user data. In total, the personal data and Bitcoin and Monero wallet addresses of 9,761,948 users are said to have been affected. The database backup found apparently belongs to Z-lib, a clone of Z-Library, which often tops the results lists in Google searches. Investigations by Cybernews revealed that the data found appeared to be authentic. Many people had provided real names and other verifiable personal information when registering.
The original Z-Library was an online library with an extensive collection of e-books and scientific articles for download. Many users appreciated the platform because it offered free access to numerous books and articles that were otherwise expensive or difficult to find.
Darknet offer with pitfalls
Z-Library made many of the books and articles available without the consent of the copyright holders. The FBI therefore took several Z-Library servers offline at the end of 2022. The servers were also confiscated in China and other countries and the operators were prosecuted. However, shadow libraries with mirrored Z-Library offerings keep popping up, which can often only be accessed via the Tor network on the darknet.
This rather gray area apparently made it particularly easy for cybercriminals to elicit personal data, passwords and even wallet data from users via a fake version of the Z-Library. The Z-lib website was created just days after the original Z-Library domains were seized by law enforcement authorities in November 2022. The founders of the original Z-Library Anton Napolsky and Valeriia Ermakova were arrested in Cordoba, Argentina in November.
The operators of the phishing website pretended to continue the activities of the original Z-lib website and posed as the Z-Library project. Apparently, this was sufficient proof of trust for most visitors to register on the website without hesitation.
(anw)
