The hard drive manufacturer Western Digital requests all users of the external storage media "WD My Book Live" and "WD My Book Live Duo" to immediately disconnect these NAS devices from the Internet. It should only be used if the computer to which the storage is connected is not communicating with the Internet or remote access is deactivated. This is because the “WD My Book Live” models may then be reset and deleted. The background is supposed to be a hacker attack. You can find official information on the topic in the relevant section Support document of the manufacturer who last received an update yesterday.
Chapter in this post:
WD My Book Live with vulnerability CVE-2021-35941
Western Digital has identified the vulnerability in its external hard drive systems with the code CVE-2021-35941. "The My Book Live firmware is vulnerable to a remotely exploitable vulnerability for injectable commands when remote access is enabled on the device. This vulnerability can be exploited to execute arbitrary commands with root rights. In addition, the My Book Live is vulnerable to an unauthenticated factory reset, which could allow an attacker to reset the device to the factory settings without authentication“, It says (translated) in the document linked above.
Case description of the attack at Ars Technica: Read here
Western Digital offers data recovery for those affected
If you are one of those users who have lost their data due to an attack on the firmware of the WD My Book Live hard drives or NAS systems, then you can request a data recovery from the manufacturer. However, it is not 100 percent certain whether it can bring all of your folders and files back completely. If you want to start data recovery yourself or first want to find out whether and how much data can be recovered, then there are a few useful tools for this. Here is an overview (from the end of 2019): Top 5 Free Mac Data Recovery Apps. You can also read the articles via Disk Drill Pro and EaseUS Data Recovery Wizard consult.
Related Articles
Sir Apfelot newsreel week 38, 2023- Sir Apfelot newsreel week 37, 2023
- Apple AirPods Pro (2nd Gen): USB-C, iOS 17 and Vision Pro details
- Release dates for iOS 17, iPadOS 17, tvOS 17, watchOS 10 & macOS 14
- Tomorrow, at 11:00 a.m.: Nationwide warning day with cell broadcast
- Apple Watch Ultra 2 – specifications, images and price
- Apple Watch Series 9 specs, images and pricing
- Apple iPhone 15 Pro (Max) - Specifications, Pictures and Prices
After graduating from high school, Johannes completed an apprenticeship as a business assistant specializing in foreign languages. But then he decided to research and write, which resulted in his independence. For several years he has been working for Sir Apfelot, among others. His articles include product introductions, news, manuals, video games, consoles, and more. He follows Apple keynotes live via stream.
The perfidious thing is that these old devices will probably no longer receive a firmware update, so that from now on you will be able to operate them without internet access, inevitably.
Which of course drives the matter a bit of ad absurdum, since the hard drive (as I understood it) is supposed to be a cloud solution. And that without the Internet ??? Makes little sense ...
You can also operate these things as local NAS drives. Cloud is not absolutely necessary.
Yes, or you can do the update. ;-)