Recently, word has been around that the drives of the western digital e-book have been hit with a cyberattack that has resulted in the exploitation of all the data. The major reason that is said to be the cause of the mishap i.e. the western digital removed code that would have prevented the data loss. All of this is caused due to the sloppy development that led millions of users to lose their data. All these external drives were hit with a remote exploit that deleted all their important files and data. If you also own my book, it is possible that you are also affected by it.
As we know that My E-book does not have a USB port like other external drives which connect the E-Book drive, with the help of the ethernet cable, to make it accessible to other different units. So the default option presents out there is always being online and the Western digital code has already stopped supporting My book a few years back.
The western digital removed code which would have easily prevented the mass wiping of the live storage drives from the My Book. It is said that a hacker had exploited the above change in western digital code and disrupted another hacker who had turned My Book into a botnet.
A developer that belonged to the western digital team had edited the system factory and restored the PHP script in order to block all the authentication checks. Just in case others think that the developer had deleted all the authentication checks, it is not at all like that. The developer just added some defined number of slash marks in front of the code that prevented the program from running.
Now before we move further into the issue, let us know what a digital code actually means. We all know that in the world of technology everything runs on binary code. Similarly, digital coding is the process of using binary digits that represent a character, symbols, etc.
Websites like Amazon, Xbox, PSN, etc. have their own digital codes, through which you avail certain benefits. For example, with the help of an amazon digital code, you can get a code voucher to use in the PlayStation store. So if you purchase it, Amazon will send you the confirmation via email with which you can redeem the code and use it for your purchases.
Now every digital code performs a different function, according to the usability it is designed for. Another example we have is of the Xbox live gold digital code whose function is to grant you a monthly subscription which grants you full access to all the features that are there on Xbox on offer. Moreover, you get 2-4 games a month for free and a store discount of 50%-70% on Xbox One.
Thirdly, the PSN digital code is also another digital card issued by the PlayStation which you can find on the box of your PS4. With the PSN digital code get cash cards issued by PlayStation, game add-ons, movies, etc.
The second point to be noted is that the vendor commenting over the authenticity of the system does not work in their favour at all. Moreover, it makes them seem like they were the ones who intentionally enabled this bypass. Also, the fact that the hacker triggered all the factory resets through an XML request means that he/she has prior knowledge of the My Book system or everything just falls on his meticulously planned guesswork.
According to western digital, the CVE-2018-18472 was used by the hacker to hack the system, which was password protected. The hacker used a power PC malware whose work is to turn the devices into Linux.ngioweb botnet. This helps in hiding the identities of all the cybercriminals. So in a nutshell, the western digital removed code was an act of loose security.
A note for all the users of the My Book is to immediately disconnect their devices from the internet connection and never use the remote storage device lest you lose all the important data.