MyBook Users Urged to Unplug Devices from Internet

2021-06-25 20:23

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.

Earlier this week, Bleeping Computer and Ars Technica pointed to a heated discussion thread on Western Digital's user forum where many customers complained of finding their MyBook Live and MyBook Live Duo devices completely wiped of their data.

In some ways, it's remarkable that it took this long for vulnerable MyBook devices to be attacked: The 2018 Wizcase writeup on the flaw includes proof-of-concept code that lets anyone run commands on the devices as the all-powerful "Root" user.

"These products have been discontinued since 2014 and are no longer covered under our device software support lifecycle. We encourage users who wish to continue operating these legacy products to configure their firewall to prevent remote access to these devices, and to take measures to ensure that only trusted devices on the local network have access to the device."

Wizcase said the flaw it found in MyBook devices also may be present in certain models of WD MyCloud network attached storage devices, although Western Digital's advisory makes no mention of its MyCloud line being affected.

The vulnerable MyBook devices are popular among home users and small businesses because they're relatively feature-rich and inexpensive, and can be upgraded with additional storage quite easily.

News URL

https://krebsonsecurity.com/2021/06/mybook-users-urged-to-unplug-devices-from-internet/

#internet