ACE Data Recovery Helps Owners of WD My Book Live After Malicious Factory Reset - Press Release

READY TO GET STARTED?

You can ship your media to us or visit one of our offices.

GET STARTED NOW

ACE Data Recovery Helps Owners of WD My Book Live After Malicious Factory Reset

Dallas, TX – July 9, 2021- ACE Data Recovery R&D Team has developed a proprietary solution that is exceedingly effective after a malicious factory reset of Western Digital WD My Book Live (2.x and later) and WD My Book Live Duo NAS appliances. The alleged attack remotely forced a factory reset for thousands of drives around the world starting back on June 23rd. The My Book Live firmware is vulnerable to a remotely exploitable command injection vulnerability when the device has remote access enabled. The US National Vulnerability Database registered accident as CVE-2021-35941.

WD MyBook Live Data Recovery

Western Digital currently has not offered a solution to the issue, stating support for the My Book Live drives ended back in 2015. WD recommends immediately disconnecting My Book Live and My Book Live Duo from the Internet to protect data from ongoing attacks. The affected products are:

  • WDBACG0030HCH

  • WDBACG0020HCH

  • WDBACG0010HCH

  • WDBVHT0080JCH

  • WDBVHT0060JCH

  • WDBVHT0040JCH

This vulnerability is not something new and initially was discovered in 2018 (CVE-2018-18472) with Base Score: 9.8 CRITICAL. As the My Book Live devices can be directly exposed to the Internet through port forwarding, the attackers may be able to discover vulnerable devices through port scanning. The affected devices firmware is vulnerable to a remotely exploitable command injection to run arbitrary commands with root privileges, which allows an attacker to factory reset the device without authentication.

Don Wells, ACE Data Recovery General Manager, stated the following: “We have been recovering Western Digital NAS appliances for years and “factory reset” is one of the common issues, created by human error, faulty firmware upgrade and so on. The malicious factory reset of My Book Live is just an example of a situation when our company can help. Similar vulnerabilities are found on NetGear Stora and Seagate GoFlex Home NAS appliances. Deleted and reformatted data is nothing new for us, whether it’s a single hard drive or multiple drives in a RAID setup, we have been successful in our attempts for years and will continue to do so.”

About ACE Data Recovery:

ACE Data Recovery, the leader in enterprise data recovery, provides services to businesses and individuals who experience data loss due to hardware and software failures or natural disasters. The company has recovered data from all types of media including HDD, SSD, RAID, SAN, NAS, and tapes since 1981. For additional information visit https://www.datarecovery.net or call 877-304-7189.