The WD My Book Live and My Book Live Duo | Image: WD
It looks like there may have been more than one exploit used to cause the mass deletion of data from WD My Book Live NASes last week, according to a report from Ars Technica. When news broke that people were finding that their data was missing, some (including WD itself), pointed to a known exploit from 2018, which allowed for root access of the device. However, it appears as though there’s more going on than was initially suspected.
If you have one of these devices, you should unplug it from the internet before reading any further — it’s clear at this point that your data is at risk if the device is online.
The second exploit, reported by Ars Technica, doesn’t give an attacker full control over the device like the other exploit. It…