Bad Surprise for NAS Users WD My Book Live and My Book Live Duo : May be due to a security breach erase all data is present on the disk if it is connected to the Internet. If you haven’t already, you should Disconnect your drive from the network as soon as possible To avoid the worst.
25 JuneWestern Digital, manufacturer of multiple storage solutions (internal hard drives, external drives, NAS, etc.), recommends that users of WD My Book Live and My Book Live Duo devices use them. Disconnect from the Internet until further notice, following various messages posted on June 24 by users on the WD support forum, indicating that they have lost all your data.
WD My Book Live Series Drive Quite popular NAS released since 2010. they have a connection usb well as asa port ethernet which allows them to be connected to the local network, or even the Internet if you activate the option for Access your data remotely. Unfortunately, WD has Stopped support for these NAS in 2015 and therefore no longer provides security updates.
massive data loss
For users of these WD drives, waking up must have been difficult. If all folders were still on disk, the files inside are all gone. Several users have indicated on the forum that their NAS had to face a factory reset, or reset to their machine’s initial state, a process often used reset an electronic device, obviously resulting in the deletion of all stored data.
24 hours after the incident was reported, Western Digital posted the following official message on its platform: “Immediately disconnect your My Book Live device from the Internet to protect your data from ongoing attacks.” You can disconnect the device and continue to access your data locally”. The manufacturer thus noted that these storage media were Target of attacks that take advantage of multiple existing vulnerabilities.
A data recovery program offered by WD
Following the scale of the attack, Western Digital posted a page in which affected product even from attack more information.
WD has investigated and claims that the cloud services, firmware update servers, or login data of its users have not been compromised.
We learn that the firmware of My Book Live is “a .” is sensitive to Remotely exploitable command injection vulnerability When remote access is enabled on the device. This vulnerability can be exploited to execute arbitrary commands with root privileges. Additionally, My Book Live is vulnerable to an unauthorized factory reset operation that allows an attacker to reset the device to factory settings without authentication. “
According to Western Digital, these vulnerabilities are Introduced in 2011 after an overhaul of the authentication logic Present in firmware update. The least we can say is that it sows Doubts about the safety of connected products From the WD Brand: Although the MyBook Live range hasn’t been supported since 2015, the hardware reliability of these NAS means that many people or even businesses still use these connected systems To store and share data.
To answer the (well established) concerns of its users, the manufacturer will offer Free data recovery services from early July, an exchange program to find files that may have been deleted on the hard disk, as well as to switch to a new device at a preferential rate. Yes the damage is done For some users, this manufacturer’s support is always welcome.
In the meantime, we advise affected users to disconnect their disk from the network via the ethernet port, or if it’s already too late Do not attempt to modify the contents of their disc, under penalty of further complicating this restoration. This is because even if the data is “erased” from the disk, it is still present but inaccessible, and recording new data on the media may make it impossible to recover.
We also take this opportunity to remember thatA NAS, even if it is made up of multiple internal drives, is not a sufficient backup solution for your data.. Even more so if this NAS is connected to the Internet, which makes it potentially vulnerable to remote attack, as this case shows.
My Cloud OS 3: Consider Updating
Following this flaw, the researchers also discovered My Cloud OS 3 operating system flaws WD My Cloud NAS. the latter is from My Cloud OS 5. updated with And the manufacturer recommends upgrading to the latest version.
But some users prefer MyCloud OS 3 – which offers features that are no longer in MyCloud OS 5 – or have a NAS that can’t update to MyCloud OS 3. In this case, Western Digital has only one answer: buy a new drive that works with My Cloud OS 5, a basic security update.