Mysterious Threat Actor Wipes Files From Western Digital's MyBook NAS Devices
Zyxel firewalls face ongoing attacks, Google expands open-source vuln database to key ecosystems, Crackonosh mining malware hidden in free online games, Binance helped with Cl0p arrests, more
Western Digital says an old 2018 vulnerability led to a series of attacks during which a mysterious entity triggered mass-factory resets that wiped user data from internet-exposed My Book Live and My Book Live Duo network-attached storage (NAS) devices.
The flaw, discovered by security researchers Paulos Yibelo and Daniel Eshetu, is tracked as CVE-2018-18472 and allows remote threat actors to bypass authentication on the WD My Book Live NAS devices and run commands with root privileges. The unknown threat actor chained this vulnerability with a factory reset procedure that wipes data on the NAS and returns the device to standard settings. (Catalin Cimpanu / The Record)
Related: TechNadu, MacRumors, iMore, Kaspersky, Bleeping Computer, Reddit, Western Digital, Engadget, PC Magazine
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.