A while back I posted a story on a vulnerablity with Western Digital My Cloud drives that was kind of, well, horrific. Today I have another one for you. It appears via a security researcher that Western Digital My Cloud NAS drives have a hardcoded backdoor, meaning anyone can access them and pwn you. The backdoor has the username “mydlinkBRionyg” and the password is “abc12345cba” (without quotes).
Now you’re likely wondering why is the word “dlink” in the username as that should be a competitor to Western Digital. There’s a good reason for that. It appears that the WD NAS devices once shared code with D-Link “Sharecenter” devices. Interestingly, these D-Link devices were issued patched firmware in 2014 and no longer contain the backdoor. Speaking of patches, this backdoor was disclosed to Western Digital six months ago and the company apparently did nothing until November 2017 when it issued firmware 2.30.172. That’s an epic fail and shows that Western Digital isn’t keeping its eye on the ball when it comes to security.
What I recommend to users of the following drives is this:
- MyCloud
- MyCloudMirror
- My Cloud Gen 2
- My Cloud PR2100
- My Cloud PR4100
- My Cloud EX2 Ultra
- My Cloud EX2
- My Cloud EX4
- My Cloud EX2100
- My Cloud EX4100
- My Cloud DL2100
- My Cloud DL4100
First, verify that you’re running firmware 2.30.172. If you’re not, unplug this drive and stop using it until you have upgraded to that firmware. But keep in mind that this issue has been out there for so long, you may have already been pwned and not know anything about it. Thus you may want to question why you want to have a hard drive connected to the Internet in the first place.
Like this:
Like Loading...
Related
This entry was posted on January 8, 2018 at 2:36 pm and is filed under Commentary with tags Western Digital. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
#PSA: Western Digital My Cloud Drives Have A Hidden Backdoor… Update Them NOW!
A while back I posted a story on a vulnerablity with Western Digital My Cloud drives that was kind of, well, horrific. Today I have another one for you. It appears via a security researcher that Western Digital My Cloud NAS drives have a hardcoded backdoor, meaning anyone can access them and pwn you. The backdoor has the username “mydlinkBRionyg” and the password is “abc12345cba” (without quotes).
Now you’re likely wondering why is the word “dlink” in the username as that should be a competitor to Western Digital. There’s a good reason for that. It appears that the WD NAS devices once shared code with D-Link “Sharecenter” devices. Interestingly, these D-Link devices were issued patched firmware in 2014 and no longer contain the backdoor. Speaking of patches, this backdoor was disclosed to Western Digital six months ago and the company apparently did nothing until November 2017 when it issued firmware 2.30.172. That’s an epic fail and shows that Western Digital isn’t keeping its eye on the ball when it comes to security.
What I recommend to users of the following drives is this:
First, verify that you’re running firmware 2.30.172. If you’re not, unplug this drive and stop using it until you have upgraded to that firmware. But keep in mind that this issue has been out there for so long, you may have already been pwned and not know anything about it. Thus you may want to question why you want to have a hard drive connected to the Internet in the first place.
Share this:
Like this:
Related
This entry was posted on January 8, 2018 at 2:36 pm and is filed under Commentary with tags Western Digital. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.