Quote:If you haven’t already, stop reading and go yank your My Book Live storage device offline, lest you join the ranks of those who woke up on Thursday to find that years of data had been wiped clean on devices around the world.
Western Digital’s My Book storage device is designed for consumers and businesses. It typically plugs into computers via USB. The specific model involved in the data-demolition incident is known as My Book Live: a model that uses an Ethernet cable to connect to a local network. Users can remotely access files and make configuration changes through Western Digital’s cloud infrastructure.
Western Digital is blaming the remote wipes – which have happened even if the network-attached storage (NAS) devices are behind a firewall or router – on the exploitation of a remote command-execution (RCE) vulnerability.
The compromise delivers the data slaughter in the form of a factory reset that “appears to erase all data on the device,” according to Western Digital’s advisory.
It was BleepingComputer’s Lawrence Abrams that first came across the issue being reported on the Western Digital community forum. One user using the handle “sunpeak” said that their folders all had an edit date of June 23 (Wednesday), around 3 p.m. PT/6 p.m. ET. Scores of other forum members confirmed receiving the factory-reset messages, and confirmed the timing.
Sunpeak went on to describe how they discovered that 2T of data – an almost full disk – went up in a puff of smoke, leaving the directories still there but echoing, all emptied out.
“Previously the 2T volume was almost full but now it shows full capacity,” sunpeak said, going on to describe how, upon trying to login to the control user interface to diagnose the issue, they were only able to get to the landing page shown below, which prompted them to input their “owner password.”
Read more: My Book Live Users Wake Up to Wiped Devices, Active RCE Attacks | Threatpost
![[-]](https://www.geeks.fyi/images/collapse.png)
