var advanced_ads_pro_visitor_conditions = {"referrer_cookie_name":"advanced_ads_pro_visitor_referrer","referrer_exdays":"365","page_impr_cookie_name":"advanced_ads_page_impressions","page_impr_exdays":"3650"};
var essb_settings = {"ajax_url":"https:\/\/www.lightstalking.com\/wp-admin\/admin-ajax.php","essb3_nonce":"bdc361df3a","essb3_plugin_url":"https:\/\/www.lightstalking.com\/wp-content\/plugins\/easy-social-share-buttons3","essb3_stats":true,"essb3_ga":false,"essb3_ga_ntg":false,"blog_url":"https:\/\/www.lightstalking.com\/","post_id":"477165"};
And a recent wave of exploits that are impacting owners of Western Digital backup solutions is a reminder of just how precious and fragile these storage devices can be.
A remote exploit is destroying the data on WD My Book Live and WD My Book Live Duo devices and the company is advising owners to disconnect these devices immediately.
It looks like it’s a pretty serious issue, too, because Western Digital issued no less than a lengthy response to the exploit and, when the advice is to basically turn the device off, you know things are dire.
An excerpt from the official post detailing the issue:
“Western Digital has determined that some My Book Live and My Book Live Duo devices are being compromised through exploitation of a remote command execution vulnerability. In some cases, the attackers have triggered a factory reset that appears to erase all data on the device.
We are reviewing log files which we have received from affected customers to further characterize the attack and the mechanism of access. The log files we have reviewed show that the attackers directly connected to the affected My Book Live devices from a variety of IP addresses in different countries. This indicates that the affected devices were directly accessible from the Internet, either through direct connection or through port forwarding that was enabled either manually or automatically via UPnP.”
In somewhat of a silver lining to this story, this does seem to just be a virus and not a compromise of a user’s personal data or anything like that.
“Our investigation of this incident has not uncovered any evidence that Western Digital cloud services, firmware update servers, or customer credentials were compromised. As the My Book Live devices can be directly exposed to the internet through port forwarding, the attackers may be able to discover vulnerable devices through port scanning.
We understand that our customers’ data is very important. We do not yet understand why the attacker triggered the factory reset; however, we have obtained a sample of an affected device and are investigating further. Additionally, some customers have reported that data recovery tools may be able to recover data from affected devices, and we are currently investigating the effectiveness of these tools.”
As Western Digital outlines, the affected products were released in 2010 and the last firmware update for them was uploaded in 2015.
Kehl is our staff photography news writer since 2017 and has over a decade of experience in online media and publishing and you can get to know him better here and follow him on Insta.
var advanced_ads_cookies = {"cookie_path":"\/","cookie_domain":""};
var advadsCfpInfo = {"cfpExpHours":"3","cfpClickLimit":"3","cfpBan":"7","cfpPath":"","cfpDomain":"www.lightstalking.com"};
var beloadmore = {"url":"https:\/\/www.lightstalking.com\/wp-admin\/admin-ajax.php","query":{"post__not_in":[477165],"category_name":"news","posts_per_page":3}};
var tve_dash_front = {"ajaxurl":"https:\/\/www.lightstalking.com\/wp-admin\/admin-ajax.php","force_ajax_send":"1","is_crawler":"","recaptcha":[],"post_id":"477165"};
var TVE_Ult_Data = {"ajaxurl":"https:\/\/www.lightstalking.com\/wp-admin\/admin-ajax.php","ajax_load_action":"tve_ult_ajax_load","conversion_events_action":"tve_ult_conversion_event","shortcode_campaign_ids":[],"matched_display_settings":[],"campaign_ids":[],"post_id":477165,"is_singular":true,"tu_em":"","evergreen_redirects":[]};
(function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async=true;; po.src = 'https://www.lightstalking.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/conversions-pro/assets/share-conversions-tracker.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })();(function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async=true;; po.src = 'https://www.lightstalking.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/pinterest-pro.min.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })();(function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async=true;; po.src = 'https://www.lightstalking.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })();(function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async=true;; po.src = 'https://www.lightstalking.com/wp-content/plugins/easy-social-share-buttons3/assets/js/essb-core.min.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })();
var essb_handle_stats = function(oService, oPostID, oInstance) { var element = jQuery('.essb_'+oInstance); var instance_postion = jQuery(element).attr("data-essb-position") || ""; var instance_template = jQuery(element).attr("data-essb-template") || ""; var instance_button = jQuery(element).attr("data-essb-button-style") || ""; var instance_counters = jQuery(element).hasClass("essb_counters") ? true : false; var instance_nostats = jQuery(element).hasClass("essb_nostats") ? true : false; if (instance_nostats) { return; } var instance_mobile = false; if( (/Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i).test(navigator.userAgent) ) { instance_mobile = true; } if (typeof(essb_settings) != "undefined") { jQuery.post(essb_settings.ajax_url, { 'action': 'essb_stat_log', 'post_id': oPostID, 'service': oService, 'template': instance_template, 'mobile': instance_mobile, 'position': instance_postion, 'button': instance_button, 'counter': instance_counters, 'nonce': essb_settings.essb3_nonce }, function (data) { if (data) { }},'json'); } }; var essb_log_stats_only = function(service, postId, position) { var instance_mobile = false; if( (/Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i).test(navigator.userAgent) ) { instance_mobile = true; } if (typeof(essb_settings) != "undefined") { jQuery.post(essb_settings.ajax_url, { 'action': 'essb_stat_log', 'post_id': postId, 'service': service, 'template': position, 'mobile': instance_mobile, 'position': position, 'button': position, 'counter': false, 'nonce': essb_settings.essb3_nonce }, function (data) { if (data) { }},'json'); } };
let ccwpDOMLoaded=!1;
let ccwp_loaded = false;
let resources_length=0;
let resources =undefined;
let is_last_resource = 0;
ccwpUserInteractions=["keydown","mousemove","wheel","touchmove","touchstart","touchend","touchcancel","touchforcechange"];
ccwpUserInteractions.forEach(function(e){
window.addEventListener(e,calculate_load_times);
});
function calculate_load_times() {
// Check performance support
if (performance === undefined) {
console.log("Performance NOT supported");
return;
}
// Get a list of "resource" performance entries
resources = performance.getEntriesByType("resource");
if (resources === undefined || resources.length <= 0) {
console.log("NO Resource performance records");
}
if(resources.length){
resources_length=resources.length;
}
for(let i=0; i < resources.length; i++) {
if(resources[i].responseEnd>0){
is_last_resource = is_last_resource + 1;
}
}
let uag = navigator.userAgent;
let gpat = /Google Page Speed Insights/gm;
let gres = uag.match(gpat);
let cpat = /Chrome-Lighthouse/gm;
let cres = uag.match(cpat);
let wait_till=300;
let new_ua = "Mozilla/5.0 (Linux; Android 11; moto g power (2022)) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36";
let new_ua2 = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36";
if(gres || cres || uag==new_ua || uag==new_ua2){
wait_till = 3000;
}
if(is_last_resource==resources.length){
setTimeout(function(){
console.log("ccwpTriggerDelayedScripts timeout : "+wait_till);
ccwpTriggerDelayedScripts();
},wait_till);
}
}
window.addEventListener("load", function(e) {
console.log("load complete");
setTimeout(function(){
calculate_load_times();
},100);
});async function ccwpTriggerDelayedScripts() {
if(ccwp_loaded){ return ;}
ccwpPreloadStyles();
ccwpPreloadDelayedScripts();
ccwpLoadCss();
ccwpScriptLoading();
ccwp_loaded=true;
}
function ccwpPreloadStyles() {
let e = document.createDocumentFragment();
var cssEle = document.querySelectorAll("link[rel=ccwpdelayedstyle]");
for(let i=0; i <= cssEle.length;i++){
if(cssEle[i]){
cssEle[i].href = removeVersionFromLink(cssEle[i].href);
let r = document.createElement("link");
r.href = cssEle[i].href;
r.rel = "preload";
r.as = "style";
e.appendChild(r);
}
}
document.head.appendChild(e);
}
function ccwpPreloadDelayedScripts() {
var e = document.createDocumentFragment();
document.querySelectorAll("script[type=ccwpdelayedscript]").forEach(function(t) {
var n = removeVersionFromLink(t.getAttribute("src"));
if (n) {
t.setAttribute("src", n);
var r = document.createElement("link");
r.href = n, r.rel = "preload", r.as = "script", e.appendChild(r)
}
}), document.head.appendChild(e)
}
function ccwpScriptLoading(){
var jsEle = document.querySelectorAll("script[type=ccwpdelayedscript]");
jsEle.forEach(function(t) {
t.type = "text/javascript";
if(t.src)
{
t.src = removeVersionFromLink(t.src);
}
});
}function ccwpLoadCss(){
var cssEle = document.querySelectorAll("link[rel=ccwpdelayedstyle]");
for(let i=0; i <= cssEle.length;i++){
if(cssEle[i]){
cssEle[i].href = removeVersionFromLink(cssEle[i].href);
cssEle[i].rel = "stylesheet";
cssEle[i].type = "text/css";
}
}var cssEle = document.querySelectorAll("style[type=ccwpdelayedstyle]");
for(let i=0; i <= cssEle.length;i++){
if(cssEle[i]){
cssEle[i].type = "text/css";
}
}
}
function removeVersionFromLink(link)
{
if(ccwpIsValidUrl(link))
{
const url = new URL(ccwpFormatLink(link));
url.searchParams.delete("ver");
url.searchParams.delete("time");
return url.href;
}
else{
return link;
}
}
function ccwpIsValidUrl(urlString)
{
if(urlString){
var expression =/[-a-zA-Z0-9@:%_\+.~#?&//=]{2,256}\.[a-z]{2,4}\b(\/[-a-zA-Z0-9@:%_\+.~#?&//=]*)?/gi;
var regex = new RegExp(expression);
return urlString.match(regex);
}
return false;
}
function ccwpFormatLink(link)
{
let http_check=link.match("http:");
let https_check=link.match("https:");
if(!http_check && !https_check)
{
return location.protocol+link;
}
return link;
}