Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Western Digital Asks 'My Book Live' Device Owners to Unplug After Reports of Remotely Wiped Drives

goobot said:
Apple needs to make a new time capsule and make it so I can also backup my iOS devices.
Click to expand...
It's called iCloud Backup for iPad/iOS.


Any OEM or open source NAS software supports TimeMachine, without the Apple premium tax.

I restored my new M1 MBP from a TM backup running on https://www.truenas.com/truenas-core/

It even restored VirtualBox and Window 10 Guest installation, which I subsequently deleted.
 
Last edited:
  • Disagree
Reactions: iGüey
MacRumors said:


Western Digital is advising owners of its My Book Live storage drives to disconnect them from the internet until further notice, following reports from around the world that some devices have been compromised and wiped clean by malicious software.

western-digital-my-book-live.jpg

The WD My Book Live is the company's network-attached storage device with the book-style design that can stand upright on a desk. The drive is typically connected to computers via USB and connects to a local network via ethernet. Meanwhile, the WD My Book Live app lets users access their stored files remotely through Western Digital's cloud servers.

As reported by BleepingComputer, My Book Live and Live Duo device owners on Thursday began flooding Western Digital's support forums with reports that all of their files had been mysteriously deleted and that they could no longer access the device via the offical app or a browser.
When they attempted to log in using the drive's web dashboard, the drive told them they had an invalid password. Many other owners have also confirmed that their device has been hit with the same issue. "All my data is gone too," another user said. "I am totally screwed without that data... years of it."

Following further reports, a pattern has gradually emerged in shared device logs that points to a remote command initiating a factory reset on affected devices beginning at around 3:00 p.m. on Thursday and continuing throughout the night.

Western Digital has advised customers in a new support notice to disconnect their My Book Live devices while the company investigates the destructive attacks. The company has since told BleepingComputer they are actively investigating the attacks but do not believe it was a compromise of their servers.
If the company is correct in saying its servers haven't been hacked, it's unclear how so many My Book Live accounts could be compromised at or around the same time. We've asked for more information from Western Digital regarding the matter and will post an update to this story if we hear anything back, but the advice for device owners for now is clear: Disconnect your My Book Live.

Article Link: Western Digital Asks 'My Book Live' Device Owners to Unplug After Reports of Remotely Wiped Drives
Click to expand...
This is why i never upgraded from my MyCloud Ultra X, which was a TRUE NAS, its a YOUR-Network Attached Storage, not theirs
 
  • Like
Reactions: iGüey
It's also a drive that was sold between 2010-2014, with a firmware update last made in 2015. Like waving a red flag to a bull there for a well crafted brute force attack.
 
  • Like
Reactions: psxp
CoastalMaineBird said:
all the data on it is gone today, while the directories seems there but empty.
...
this compromise has led to a factory reset that appears to erase all data on the device.

I don't think the "factory reset" would leave all the directories there.
Click to expand...
I used to have one. The main access was the network port. So there has to be some remote wipe" function to connect and reset the device if you forget or want to sell it.

I'd guess somebody found the "secret packets" to wipe them and just spams it when they're trolling ISP for user devices to mess with.
 
So quick question then… I have a nas, I’ve explicitly turned off the cloud features but it is part of the home network. So is there an easy way to verify that it definitely cant be seen from outside my home network? It would be lovely to be able to independently check if my firewall is doing its job properly and if the nas isn’t advertising itself
 
  • Like
Reactions: iGüey
PBG4 Dude said:
Funny, I have the opposite experience with WD products. I use their USB-powered external hard drives for almost everything. They are connected to my Xbox, was connected to my PS4 before that was retired, and have 3 for backup disks. So far (touch wood) no issues. The only drives I’ve had outright fail on me are Maxtor and Seagate drives. I will not buy those brands anymore.

I do not use the WD cloud drives. I was considering one for remote file access, but not with a company that doesn’t update their firmware for 6+ years on an internet-connected device. That’s just begging to be hacked.
Click to expand...
Agreed. Any spinning disk drive can and will fail at some point. But Seagate is the one brand I avoid whenever possible, because of a LONG track record of their products failing prematurely and/or without warning. The WD stuff has generally been at least "somewhere in the middle" on reliability for me. I would never use the "cloud" products though. If you want to make your data Internet accessible, you had best do so with a full server type solution that has all the necessary security in place. The code they slap together to make these stand-alone external drives Internet-available is questionable at best.
 
doobydoooby said:
So quick question then… I have a nas, I’ve explicitly turned off the cloud features but it is part of the home network. So is there an easy way to verify that it definitely cant be seen from outside my home network? It would be lovely to be able to independently check if my firewall is doing its job properly and if the nas isn’t advertising itself
Click to expand...

A good start: https://www.grc.com/x/ne.dll?bh0bkyd2
 
doobydoooby said:
So quick question then… I have a nas, I’ve explicitly turned off the cloud features but it is part of the home network. So is there an easy way to verify that it definitely cant be seen from outside my home network? It would be lovely to be able to independently check if my firewall is doing its job properly and if the nas isn’t advertising itself
Click to expand...

If your router supports it. You can block internet access by MAC Address. Then simply block the NAS.

You can also just go into the NAS and set something like an invalid DNS address (or simply the loopback address 127.0.0.1) or invalid Gateway address (like one of your computers instead of the router). Then it won't know how to connect to the internet anymore. It won't matter what server settings you have. The software on the NAS will have no way of communicating with the outside world.
 
  • Like
Reactions: Will Co
JSL1 said:
Poor security by WD to allow this to happen and to allow remote wipes.
Click to expand...
This is coming from a company that previously shipped MyBook drives with the root password set to "welc0me". Western Digital has a bad track record for NAS drives. They also have a culture of release and don't support going forward. Best to stay away.
 
Last edited:
  • Wow
Reactions: iGüey
CoastalMaineBird said:
all the data on it is gone today, while the directories seems there but empty.
...
this compromise has led to a factory reset that appears to erase all data on the device.

I don't think the "factory reset" would leave all the directories there.
Click to expand...
I've seen the file permissions get changed so that they appear empty. If the data is still there, it may require gaining root access to fix permissions or disable advisory locks.
 
MacRumors said:
Following further reports, a pattern has gradually emerged in shared device logs that points to a remote command initiating a factory reset on affected devices beginning at around 3:00 p.m. on Thursday and continuing throughout the night.
Click to expand...

As this is a factory reset. I wonder if all the data is actually still on the drives? I'd expect a factory reset just resets the partitions. Not zero the drive.

Data recovery could be a pain. Depending on how it's partitioned. It's been a long time. But I performed data recovery on a cheap home NAS like this which had been wiped accidentally. I don't remember which brand.

Anyways, it used some proprietary partition scheme and unusual format. I had to hex edit the partition table to something recognizable. Then I was able to run data recovery and fetch everything on the drive. It's been a long time. So, I don't recall everything I did. It was just a real pain.

Here's hoping WD used something common like MBR and EXT4.
 
  • Like
Reactions: Marty_Macfly
goobot said:
I don’t want cloud based backup only
Click to expand...
That's called connect your device to your Mac, which in turn gets backed up using TM.

www.iphonelife.com

How to Back Up Your iPhone to a Mac without iTunes

It’s official. Apple has killed off iTunes, marking the end of its oldest and most iconic piece of software. Beginning with macOS 10.15 (Catalina), iTunes is no more, prompting many to ask: How do I back up my iPhone without iTunes? The answer is simple: You can back up your iPhone in Catalina...
www.iphonelife.com

Problem solved! You are welcome.
 
Last edited:
I don't trust the cloud, as far as I could throw it. NAS has just become a no-no zone for me, now, after reading this article. I'll trust my USB thumb drives and locally attached SSD's even moreso, from now on. Nice to know the Internet can be trusted to protect our data... N O T ! :mad:
 
  • Like
Reactions: iGüey
Always have your data
In 2 different, independent places on earth. Totally unconnected from each other and at least one of the two places (if not both) not connected to the internet. And both places/devices should be RAID arrays.

This way both systems are undependently protected against hardware failure (RAID) and by having them in 2 places on earth you are safe from natural desasters and such.

And no, dropbox, or any cloud system, doesnt count as a first or second place of storage.
Only RAID servers you can physically touch yourself and belong to you and you alone count as storage mediums.

Everything else leaves a risk.
 
elvisimprsntr said:
That's called connect your device to your Mac, which in turn gets backed up using TM.

www.iphonelife.com

How to Back Up Your iPhone to a Mac without iTunes

It’s official. Apple has killed off iTunes, marking the end of its oldest and most iconic piece of software. Beginning with macOS 10.15 (Catalina), iTunes is no more, prompting many to ask: How do I back up my iPhone without iTunes? The answer is simple: You can back up your iPhone in Catalina...
www.iphonelife.com

Problem solved! You are welcome.
Click to expand...
Cause I'm going to dedicate 200 gigs of my computers hard drive to that
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back