Ten million users apparently thought they had stumbled upon one of the recurring mirror servers of the e-book piracy website Z-Library. But instead of getting cheap access to e-books, there was only a nasty surprise after registering. The server operators collected personal data, passwords, crypto addresses and possibly even payments of millions of customers.
Advertisement
As reported by the online portal CyberNewsthe collected data was apparently passed on to other criminals and investigating authorities. During the research, the team of CyberNews experts uncovered an exposed database with approximately 10 million user data. In total, personal data of 9,761,948 users as well as Bitcoin and Monero wallet addresses are said to be affected. The database backups found apparently belong to Z-lib, a clone of Z-Library, which often tops the result list in Google search results. The CyberNews investigation showed that the data found was apparently authentic. Many people had provided real names and other verifiable personal information when registering.
The original Z-Library was an online library with an extensive collection of e-books and scientific articles available for download. Many users appreciated the platform because it offered free access to many books and articles that were otherwise expensive or difficult to find.
Darknet offers disadvantages
Z-Library made many of the books and articles offered available without the consent of the copyright holders. Therefore the FBI took several Z-Library servers offline in late 2022. also in China And in other countries, servers were seized and operators were prosecuted. However, shadow libraries continue to appear alongside mirrored offerings from Z-LibraryWhich can often only be accessed through the Tor network on the darknet.
This area, which can be described as a gray area, has apparently made it particularly easy for cybercriminals to extract personal data, passwords, and even wallet data from users using a fake version of Z-Library. The Z-lib website was created just days after the original Z-Library domain was seized by law enforcement in November 2022. The founder of the original Z-Library Anton Napolsky and Valeria Ermakova were born in Cordoba, Argentina in NovemberHe was arrested.
The operators of the phishing website pretended to continue the activities of the original Z-lib website and posed as the Z-Library project. Apparently this was a sufficient sign of trust for most visitors to register on the website without hesitation.
(USC)
