After it was revealed last week that My Book Live NAS owners mysteriously made their stored files disappear, a recent finding showed that a zero-day vulnerability allowed a threat actor to reset mass devices that ultimately caused the data loss.
While Western Digital had initially told BleepingComputer that the attacks were carried out via a vulnerability called CVE-2018-18472, which has not been fixed since the device went out of service in 2015, it was discovered that another zero-day vulnerability caused the factory reset.
After carefully analyzing the device’s log, some users found that a script called factoryRestore.sh was running on their devices on June 24, deleting the device’s files.
For more information, read the original story in Bleeping Computer.