CyberNews Briefs

Attacks Erase Western Digital Network-Attached Storage Drives

Companies and individuals operating older models of Western Digital network-attached storage (NAS) drives suffered from what appears to be an attack that exploited a 2018 vulnerability. The exploit reset the drives to factory defaults and deleted data, according to customer comments and statements made by the company. Western Digital suspects a remote code execution vulnerability affecting My Book Live and My Book Live Duo devices, recommending that customers turn off the drives to protect their data.

Western Digital confirmed that many customers of its WD My Book Live and My Book Live Dio storage appliances suffered compromises through a remote code execution vulnerability. The attack appeared to happen on June 23 and 24, when drives were reset, according to log files posted to the company’s support forum. Following the attack, the default password does not seem to work on the drives, even after the factory reset. One user stated that he had a WD My Book Live connected to a home LAN that operated fine for years, until he found that all of the data on it was gone around June 24.

Read More: Attacks Erase Western Digital Network-Attached Storage Drives

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.