
In this particular case, there were My Book drives and My Book Live. When the Live part was configured, you would be creating an entry-point into your network for WD to run code on your drive. I know this, because I purchased one, and read the small getting started guide that came with it.

Needless to say, I never ran any of the Live code. Several of these sorts of things have come up in the industry that always made me recall how happy I was to not have those drives with their backdoors on my network.



The CVE says it needs the IP address. How did the entry point work? Unless it was something like NAT port-forwarding I don't know how the attack could punch through to whatever port the device was using to expose the API.


See, I would care less about all this phoning home if I got the option to opt out like that.



