For anyone who owns one of these internet-connected WD storage devices:
Initial story was reported here on 6/24:
And a follow-up:
Statement from WD:
Western Digital has determined that Internet-connected My Book Live and My Book Live Duo devices are under attack by exploitation of multiple vulnerabilities present in the device. In some cases, the attackers have triggered a factory reset that appears to erase all data on the device.
Initial story was reported here on 6/24:
“I’m totally screwed.” WD My Book Live users wake up to find their data deleted
Storage-device maker advises customers to unplug My Book Lives from the Internet ASAP.
arstechnica.com
And a follow-up:
Hackers exploited 0-day, not 2018 bug, to mass-wipe My Book Live devices [Updated]
Western Digital removed code that would have prevented the wiping of petabytes of data.
arstechnica.com
Statement from WD:
WDC-21008 Recommended Security Measures for WD My Book Live and WD My Book Live Duo | Western Digital
Western Digital provides data storage solutions, including systems, HDD, Flash SSD, memory and personal data solutions to help customers capture and preserve their most valued data.
www.westerndigital.com