cryptogon.com

news – analysis – conspiracies

• Home
• About
• Archives
• Contact
• Support Cryptogon
• Story Suggestions

WD My Cloud NAS Devices Have Hard-Wired Backdoor

January 8th, 2018

Via: Register:

If you have a Western Digital My Cloud network attached storage device, it’s time to learn how to update its OS because researcher James Bercegay has discovered a dozen models possess a hard-coded backdoor.

The backdoor, detailed here, lets anyone log in as user mydlinkBRionyg with the password abc12345cba.

WD mostly markets the My Cloud range as suited for file sharing and backup in domestic settings. But several of the models with the backdoor are four-disk machines suitable for use as shared storage in small business and also capable of being configured as iSCSI targets for use supporting virtual servers. Throw in the fact that some of the messed-up machines can reach 40TB capacity and there’s the very real prospect that sizeable databases are dangling online.

Sign in | Register

The New Zealand Copyright Act 1994 specifies certain circumstances where all or a substantial part of a copyright work may be used without the copyright owner's permission. A "fair dealing" with copyright material does not infringe copyright if it is for the following purposes: research or private study; criticism or review; or reporting current events. If you are a legal copyright holder, or a designated agent for such, and you believe a post on this website falls outside the boundaries of "fair dealing," and legitimately infringes on your or your client's copyright, please contact Kevin Flaherty. Cryptogon contains both original material and material from external sources. Original material: Copyright Kevin Flaherty. Material from external sources: Copyright the respective owners / authors.

Design by Andreas Viklund | Ported by Matteo Turchetto