Western Digital blames malware for My Book Live devices being wiped remotely | TopGadgetHut

Share on facebook
Share on google
Share on twitter
Share on linkedin


People who own and use a Western Digital My Book Live cloud storage device may want to disconnect it from the internet as soon as possible. As first reported by Bleeping Computer, a number of people worldwide who own the network-attached storage device took to the company’s forum to report that all their files had been deleted. Terabytes’ worth of data, years of memories and months of hard work vanished in an instant. The users couldn’t even log into WD’s cloud infrastructure for diagnosis, because their passwords were no longer working. 

Several owners looked into the cause of the issue and determined that their devices were wiped after receiving a remote command for a factory reset. The commands starting going out at 3PM on Wednesday and lasted throughout the night. One user posted a copy of their log showing how a script was run to shut down their storage device for a factory restore:

Jun 23 15:14:05 MyBookLive factoryRestore.sh: begin script:
Jun 23 15:14:05 MyBookLive shutdown[24582]: shutting down for system reboot
Jun 23 16:02:26 MyBookLive S15mountDataVolume.sh: begin script: start
Jun 23 16:02:29 MyBookLive _: pkg: wd-nas
Jun 23 16:02:30 MyBookLive _: pkg: networking-general
Jun 23 16:02:30 MyBookLive _: pkg: apache-php-webdav
Jun 23 16:02:31 MyBookLive _: pkg: date-time
Jun 23 16:02:31 MyBookLive _: pkg: alerts
Jun 23 16:02:31 MyBookLive logger: hostname=MyBookLive
Jun 23 16:02:32 MyBookLive _: pkg: admin-rest-api

The WD My Book Live devices connect to the internet via an Ethernet cable, and owners can use it to wirelessly back up their computers or to access their files from any device. It’s a great solution for homes and businesses with multiple computers and phones that run different operating systems. 

As Bleeping Computer notes, the storage solution communicates through the My Book Live cloud servers to provide remote access. It’s an old model that hasn’t been updated since 2015, but it’s still protected by a firewall. Some of the affected owners expressed concerns that Western Digital’s servers were hacked, allowing bad actors to send out a remote factory reset command to all devices connected to them.

However, Western Digital blames the incident on malware in a statement it issued to address the situation. The company said some My Book Live devices were compromised, though it didn’t explain how bad actors were able to infiltrate them, and that owners should disconnect the storage solution from the internet for now.

The whole statement reads:

“Western Digital has determined that some My Book Live devices are being compromised by malicious software. In some cases, this compromise has led to a factory reset that appears to erase all data on the device. The My Book Live device received its final firmware update in 2015. We understand that our customers’ data is very important. At this time, we recommend you disconnect your My Book Live from the Internet to protect your data on the device. We are actively investigating and we will provide updates to this thread when they are available.”

All products recommended by TopGadgetHut are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.



Source link

Kylie Knox

Kylie Knox

Kylie Knox is our lead analyst for Electronics Product reviews. She studied at RPI and worked on the retail side of the industry at B&H before landing at Topgadgethut. Also, she handled all of Good Housekeeping’s nutrition-related content, testing, and evaluation from 2017 to 2019.

Leave a Replay

About Me

A registered dietitian with a Bachelor of Arts degree from Loyola University and a Master of Science degree in Clinical Nutrition from Columbia University, Kylie Knox handled all of Good Housekeeping’s nutrition-related content, testing, and evaluation from 2017 to 2020.

Recent Posts

Follow Us

Top Grossing Content

Sign up for our Newsletter

Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit

Translate »