WD (Western Digital) is one of the world’s most-known manufacturer of hard drives. Its offer also includes NAS network disks, i.e. home clouds that are sold under the name My Cloud. They are designed to store large amounts of data and make backup copies. Unfortunately, a serious security vulnerability has been discovered that allows the hacker not only to copy your data, but also to delete it.
NAS (Network Attached Storage) drives have long been used in companies, and for some time have also come in the homes of ordinary users. Currently, in our computers, we value the hard disk speed more than its capacity. That’s why we prefer laptops and ultrabooks with SSD disks. Of course, you can buy models with high capacity SSDs, but their price is deadly for the home wallet. A portable hard drive is a good complement to such a purchase, however, over time this solution is cumbersome in everyday use. This is where network drives come in, which all our home appliances can use, including Smart TVs. We can also connect to the Internet and use it as a personal cloud for our smartphone. At the same time, it should be borne in mind that this is associated with certain threats, as recently discovered by WD My Cloud drives owners.
The WD My Cloud software had 6 security vulnerabilities.
The most dangerous of all of them looks hidden user account named mydlinkBRionyg and password abc12345cba. In addition, the attacker still has to guess the name of the network drive, which is often the default. Interestingly, the same vulnerability exists in the disk code of another manufacturer (this is D-Link DNS-320L ShareCenter) and it was patched at the end of 2014. In the document describing all the vulnerabilities, you will also find information on the remaining security problems, which the manufacturer was notified in June 2017. Fortunately, they have already been patched. The problem concerned the following devices:
- My Cloud Gen 2,
- My Cloud PR2100,
- My Cloud PR4100,
- My Cloud EX2 Ultra,
- My Cloud EX2,
- My Cloud EX4,
- My Cloud EX2100,
- My Cloud EX4100,
- My Cloud DL2100,
- My Cloud DL4100.
According to the manufacturer’s assurances, the reported vulnerabilities were fixed in firmware update v2.30.172. However, in the network you can find confirmation that the attacks described definitely do not work on the v2.30.174 software. Therefore, if you use WD My Cloud products, you should check the installed firmware version and make sure that the automatic update option is enabled.