

Update: A second, zero-day flaw used

Ars Technica, together with the security firm Censys, took a closer look at the log files from wiped My Book Live drives and found evidence that a second flaw, one previously unknown to Western Digital, was used in the attacks.

Furthermore, the wiping of the drives may have been the result of an attempt by a second attacker to sabotage or steal the work of the first attacker.
WESTERN DIGITAL MY BOOK LIVE SECURITY PATCH
It’s unclear if a patch will be made available to prevent this problem from escalating further. WD’s official advice is still to disconnect your My Book Live drives from the internet to prevent your data from being wiped.
WESTERN DIGITAL MY BOOK LIVE SECURITY UPDATE
WD states in its official statement that the affected drives received their last firmware update in 2015. To make matters worse, it seems as though the problem was never patched when it was discovered and publicized in 2018. WD has confirmed that this issue is the result of the vulnerability being exploited on a large scale. This vulnerability allows for root remote command execution by anyone who knows the IP address of any unpatched device - which can be learned from an internet scan. Instead, the resets are being blamed on “malicious software,” and WD clarified in a statement to BleepingComputer that affected devices have been “compromised by a threat actor.”

Evidently, the wiped WD My Book Live devices are being affected by someone exploiting a known vulnerability in the device’s software. However, WD’s official statement claims that its cloud services and servers do not appear to have been compromised. This is a very reasonable concern to have.


Others have confirmed that their drives only have the default folder that’s present when you switch it on for the very first time.

Because WD My Book devices are stored behind their own firewalls, and allow remote access via the My Book Live cloud servers, some users have expressed concerns that WD’s servers have been hacked. Weirdly, some users have reported that their file structure appears to be intact, leaving the drive full of empty folders.
