Hackers use vulnerabilities to remotely erase data on WD NAS

Users of WD’s My Book Live and My Book Live Duo two personal cloud storage devices (NAS), earlier discovered that the data on their devices were erased overnight. Officials blamed it on a previous vulnerability code-named CVE-2021-35941, but a joint investigation conducted by Ars Technica and CTO Derek Abdine of Censys of the Security Department revealed that the data was erased because of a file named “system_factory_restore” In, there is another vulnerability that has not been discovered.

Posted on