Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • Disconnect your WD My Book Live from the web to avoid data deletion, says Western Digital
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Disconnect your WD My Book Live from the web to avoid data deletion, says Western Digital

5 years ago Graham Cluley
Disconnect your WD My Book Live from the web to avoid data deletion, says Western Digital

Storage drive maker Western Digital is telling owners of its WD My Book Live device to disconnect it from the internet after reports that some have had their data erased by malicious software.

According to an advisory issued by the firm, malicious attackers are compromising the devices – commonly used to back up data such as home movies, photographs, and important documents – resulting in their entire contents being wiped in some cases.

Western Digital has determined that some My Book Live devices are being compromised by malicious software. In some cases, this compromise has led to a factory reset that appears to erase all data on the device.

The first indication that most victims will see is an “invalid password” message when they attempt to log into their device.

In a thread on Western Digital’s support forum, many My Book Live owners have described how all of their data has disappeared.

One user who fell victim to the attack said:

“Got a decade of life’s work and photos at stake so willing to do whatever it takes to recover.”

The attackers are thought to be exploiting a remote code execution vulnerability (CVE-2018-18472) that reportedly can be triggered by anyone who knows the IP address of the affected device.

Attacks seen in the wild this week have exploited the vulnerability to force devices into initiating a factory reset, which wipes all data.

All versions of the WD My Book Live and WD My Book Live Duo – which Western Digital stopped supporting and providing firmware updates for in 2015 – are said to be vulnerable.

But pay attention to product names. If you own a WD MyBook or WD My Book Duo (note without the “Live” part of the name), then your data shouldn’t be at risk from this attack.

Western Digital used the word “Live” in the storage devices’ names as a way of describing those backup devices that were connected to the internet and thus accessible remotely.

It remains to be seen whether it is possible for affected WD device owners to recover their lost information. As ever, individuals and organisations are advised to think carefully about their backup regime for valuable data and ensure that they are not just relying upon one technology.

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

The post ” Disconnect your WD My Book Live from the web to avoid data deletion, says Western Digital” appeared first on TripWire

Source:TripWire – Graham Cluley

Tags: Encryption, Goverment, Malware, Ransomware, TripWire

Continue Reading

Previous Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack
Next Hackers Crack Pirated Games with Cryptojacking Malware

More Stories

  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

12 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk

13 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

15 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach

How Samsung Knox Helps Stop Your Network Security Breach

17 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

18 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Data Breach
  • Vulnerabilities

Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

21 hours ago [email protected] (The Hacker News)

Recent Posts

  • China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
  • CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
  • Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
  • How Samsung Knox Helps Stop Your Network Security Breach
  • Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT