Threat Actors Remotely Wiping WD NAS Drives

Hackers are actively targeting specific models of Western Digital network-attached storage (NAS) drives to wipe their contents and exfiltrate their data. 

My Book Live and My Book Live DUO NAS drives have been found to have a vulnerability that renders them accessible to outside parties. Once accessed, the data from the drives can be copied remotely or wiped via a system reset. 

“Western Digital has determined that Internet-connected My Book Live and My Book Live Duo devices are under attack by exploitation of multiple vulnerabilities present in the device,” the company announced in a June 29 press release.

One of the security vulnerabilities has been traced back to an unprotected PHP script present on the devices that allow users to run a factory reset.

Western Digital has announced that they would both offer data recovery services to owners of the drives and offer a trade-in program to upgrade to a newer device.

Affected by this vulnerability? Nodal can help either secure your device or install a new NAS drive. Contact us today!