Western Digital My Cloud Drives Have a Built-In Backdoor

Discussion in 'HardForum Tech News' started by Megalith, Jan 6, 2018.

  1. Megalith

    Megalith 24-bit/48kHz Staff Member

    Messages:
    13,004
    Joined:
    Aug 20, 2006
    Security researcher James Bercegay has released his findings on a hard-coded backdoor in certain My Cloud products after Western Digital failed to address the vulnerability. Reportedly, anyone can log in with "mydlinkBRionyg" as the username and "abc12345cba" as the password. These credentials cannot be changed.

    Affected models include My Cloud Gen 2, My Cloud EX2, My Cloud EX2 Ultra, My Cloud PR2100, My Cloud PR4100, My Cloud EX4, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100 and My Cloud DL4100. A Metasploit module has also been publicly released, making it very easy for almost anyone to take advantage of Western Digital drives.
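
An added example, not part of the original post or of the researcher's advisory: a log check that flags requests naming the hard-coded username quoted above, including percent-encoded and double-encoded spellings. The access-log layout, the `/example.cgi` path, the `user` parameter and the sample lines are constructed assumptions; the page does not say how the credentials are submitted.

```python
import re
from urllib.parse import unquote_plus

# Hard-coded username quoted in the post above; it is the indicator searched for.
BACKDOOR_USER = "mydlinkBRionyg"

# Constructed sample lines in common access-log layout (not real traffic;
# the path and parameter name are made up for this example).
SAMPLE_LOG = """\
198.51.100.7 - - [07/Jan/2018:10:01:12 +0000] "GET /example.cgi?user=admin HTTP/1.1" 200 512
203.0.113.9 - - [07/Jan/2018:10:02:40 +0000] "GET /example.cgi?user=mydlinkBRionyg HTTP/1.1" 200 98
203.0.113.9 - - [07/Jan/2018:10:02:41 +0000] "GET /example.cgi?user=mydlink%42Rionyg HTTP/1.1" 200 98
192.0.2.44 - - [07/Jan/2018:10:05:03 +0000] "POST /example.cgi?user=mydlink%2542Rionyg HTTP/1.1" 403 0
198.51.100.7 - - [07/Jan/2018:10:06:00 +0000] "GET /index.html HTTP/1.1" 200 2048
"""

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3})')

def fully_decode(text, max_rounds=5):
    """Percent-decode repeatedly so %42 and %2542 both normalise to 'B'."""
    for _ in range(max_rounds):
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    return text

def find_backdoor_attempts(log_text):
    """Return (ip, timestamp, status) for each request naming the backdoor user."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and BACKDOOR_USER in fully_decode(m.group("req")):
            hits.append((m.group("ip"), m.group("ts"), int(m.group("status"))))
    return hits

def summarize(hits):
    """Count attempts per source address, noting any that got a 2xx response."""
    summary = {}
    for ip, _, status in hits:
        entry = summary.setdefault(ip, {"attempts": 0, "any_2xx": False})
        entry["attempts"] += 1
        entry["any_2xx"] = entry["any_2xx"] or 200 <= status < 300
    return summary

if __name__ == "__main__":
    for ip, info in summarize(find_backdoor_attempts(SAMPLE_LOG)).items():
        print(ip, info)
```

A source address with a 2xx response to such a request is the one to investigate first; a log that records only the request line will miss credentials sent in a request body.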
     
  2. auntjemima

    auntjemima [H]ardness Supreme

    Messages:
    4,593
    Joined:
    Mar 1, 2014
    Wow, mine isn't listed lol.

    How the fuck do people even find exploits like this? That username and that password? Jeez.
     
    serious likes this.
  3. Retronym

    Retronym Something big is coming.

    Messages:
    11,274
    Joined:
    Mar 5, 2007
    What a joke of a credential!
     
  4. STrAYeR

    STrAYeR Limp Gawd

    Messages:
    439
    Joined:
    Jan 31, 2005
    Well WD and most companies are in bed with the NSA. It's a sad turn of events though not surprising.
     
  5. nutzo

    nutzo [H]ardness Supreme

    Messages:
    7,377
    Joined:
    Feb 15, 2004
    Lucky mine is an older model, and this login doesn't work (I checked)
     
  6. RealBeast

    RealBeast Gawd

    Messages:
    648
    Joined:
    Aug 4, 2010
    Well good for WD, they didn't Password1. :rolleyes:
     
  7. steakman1971

    steakman1971 2[H]4U

    Messages:
    2,433
    Joined:
    Nov 22, 2005
    Probably a backdoor a programmer forgot to take out. Sure makes it easy on support when a person forgets their password!
     
  8. Satyrist

    Satyrist Gawd

    Messages:
    720
    Joined:
    Mar 12, 2001
    (sing-song voice) LawSUIT!
     
    dj_spanmaster likes this.
  9. WhoBeDaPlaya

    WhoBeDaPlaya 2[H]4U

    Messages:
    2,485
    Joined:
    Dec 16, 2002
    Better than 12345 I suppose...

     
    Master_shake_ likes this.
  10. westrock2000

    westrock2000 [H]ardForum Junkie

    Messages:
    8,994
    Joined:
    Jun 3, 2005
    So they can be internet hero’s. Who gives a shit if a bunch of people get affected. They got their name mentioned on techdirt.
     
  11. Koko56

    Koko56 [H]ard|Gawd

    Messages:
    1,337
    Joined:
    Jan 8, 2007
    Heroes*
     
  12. Revdarian

    Revdarian 2[H]4U

    Messages:
    2,371
    Joined:
    Aug 16, 2010
    You obviously have no idea about what a security expert is or does, and if you would have read something you would have seen that he brought his findings to WD and WD refused to acknowledge them, so the next point after giving enough time is to do just what he did, a full public disclosure to force the company to act.

    smfh seriously, 10k posts and it is like you don't know anything.

    edit to add:
    He gave them 6 freaking months, more than enough time for them to say or do anything, maybe issue a firmware update to close the backdoor, but they did nothing= they wanted to keep the backdoor is what this tells me.
     
    mesyn191, Meeho, d8lock and 2 others like this.
  13. geok1ng

    geok1ng 2[H]4U

    Messages:
    2,135
    Joined:
    Oct 28, 2007
    "Don't worry, I will take it out before I am finished"
     
  14. T_A

    T_A Limp Gawd

    Messages:
    405
    Joined:
    Aug 4, 2005
    "The user name or password entered is incorrect."

    EX4100, must have been fixed in November firmware update
     
  15. westrock2000

    westrock2000 [H]ardForum Junkie

    Messages:
    8,994
    Joined:
    Jun 3, 2005
    Not unexpected. Front page delivers.
     
  16. Azphira

    Azphira [H]ard|Gawd

    Messages:
    1,822
    Joined:
    Aug 18, 2003
    If only humans could evolve a bit further than the apes they replaced, there would be no need for security.
     
  17. Revdarian

    Revdarian 2[H]4U

    Messages:
    2,371
    Joined:
    Aug 16, 2010
    Did you follow the instructions entirely? It isn't to just use the username and password as is...

    edit to add:
    http://gulftech.org/advisories/WDMyCloud Multiple Vulnerabilities/125
    There it is the proper way to access the backdoor.
     
    Last edited: Jan 7, 2018
    mesyn191 likes this.
  18. dugn

    dugn Limp Gawd

    Messages:
    397
    Joined:
    Aug 16, 2009
    PRO TIP: Any consumer product with the term 'Cloud' anywhere in its name: Avoid.

    Reasons? Too many to list.
     
    TitaniumLizzard and Revdarian like this.
  19. mnewxcv

    mnewxcv [H]ardness Supreme

    Messages:
    6,391
    Joined:
    Mar 4, 2007
    I don't even want to know what kind of security flaws my TRENDnet NAS has then.
     
  20. TitaniumLizzard

    TitaniumLizzard [H]Lite

    Messages:
    89
    Joined:
    Dec 30, 2009
    Great! Like they already didn't have security issues:

     
  21. velusip

    velusip [H]ard|Gawd

    Messages:
    1,578
    Joined:
    Jan 24, 2005
    Data dumps, grep for useful strings or operations, peruse via radare2.
     
    TitaniumLizzard likes this.
  22. Uvaman2

    Uvaman2 2[H]4U

    Messages:
    3,032
    Joined:
    Jan 4, 2016
    Like the second message. I think a lot has to do with not only thinking in exploits for the program as in looking for mistakes, but also security researchers must have shifted in thinking to look for intentionally placed backdoors after Snowden. Even more worrying is the expressions by companies, namely Intel, that things are working as intended, yeah, I know it might be a liability issue, but do they say the same about other lesser bugs? Bugs that crash a software, things like that? I think I can take them at their word, and working as intended means working as intended, and that Meltdown/Spectre attack was a backdoor working as intended, period, that simple.. I mean they wouldn't be allowed to say they were mandated to do this, but they will be able to say so in a secret court, you might see all the lawsuits dropped or most likely settled quickly by a sum that is offset by a tax credit. I mean this WD thing is so obvious, the Intel stuff was much less obvious, but was it not for them? How can it not have been 10 years in.. yeah they are complex systems, but they are at our level, they must understand their own hardware down to the metal so to speak, this is what they do, and these attacks seem to be tied to something very fundamental about the chip, and they seemed to me counting simply on the complexity for a normal person to figure as the safety feature.
     
  23. Master_shake_

    Master_shake_ [H]ardForum Junkie

    Messages:
    8,641
    Joined:
    Apr 9, 2012
    The only thing these things are good for is shucking the drive and tossing the case.

    Build your own cloud, people.
     
  24. T_A

    T_A Limp Gawd

    Messages:
    405
    Joined:
    Aug 4, 2005

    On the same page you linked, at the bottom:


    --[ 08 - Solution

    Upgrade firmware to version 2.30.174
    See the official vendor website for further details.


    2.30.174 was released in November.
     
    PaulP, Revdarian and auntjemima like this.
  25. Revdarian

    Revdarian 2[H]4U

    Messages:
    2,371
    Joined:
    Aug 16, 2010
    My bad then, still they should have disclosed the issue to the public in order to enforce a full firmware rollout, not disclosing the issue that the firmware fixes leaves lots of customers wide open.