Your IT Consultant

Another Day, Another Backdoor Discovered

January 8, 2018

Backdoors are bad. They are designed to bypass normal security access methods and allow direct administrative control without the user's knowledge. Once the backdoor access is known, every device with the coded credentials is at risk. Everybody, the bad guys and good guys, can access the device at will. Researcher James Bercegay has revealed a backdoor with Western Digital's My Cloud network attached storage devices. The Register reports, "WD mostly markets the My Cloud range as suited for file sharing and backup in domestic settings. But several of the models with the backdoor are four-disk machines suitable for use as shared storage in small business and also capable of being configured as iSCSI targets for use supporting virtual servers."

Anybody can access the My Cloud NAS by using the user ID of mydlinkBRionyg and a password of abc12345cba. The fix? Apply the available update. The following MyCloud models are impacted:

• MyCloud
• MyCloudMirror
• My Cloud Gen 2
• My Cloud PR2100
• My Cloud PR4100
• My Cloud EX2 Ultra
• My Cloud EX2
• My Cloud EX4
• My Cloud EX2100
• My Cloud EX4100
• My Cloud DL2100
• My Cloud DL4100

If you are running firmware version 4.x, you are not impacted.

E-mail: Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://www.senseient.com