NAS-ty Surprise: Hackers Hijacked His Home Videos (Storage)

By /
Otonata Dragonfly inspecting a NAS which has been smashed

TLDR Summary:

A recent network scan uncovered multiple high-severity vulnerabilities in a Western Digital NAS device used by one of our clients. The flaws included authentication bypasses, remote code execution and weak encryption protocols — essentially leaving the device wide open to attackers.

Unfortunately, by the time we identified the issues, the device was non responsive to logging in suggesting someone had likely compromised the system earlier and may still be in control.

Client Snapshot

Garrick* is a finance professional and a father of two. When he’s not ferrying the kids between activities, he’s whipping up delicious meals at home using recipes he finds online. To chillax after long days, he has multiple media options (including home videos), streaming to a pair of 65″ Smart TVs.

What Went Wrong

The NAS was running outdated software (including PHP 5.4.16 and Netatalk 3.0.5), accepting insecure cipher suites (vulnerable to SWEET32). If it was previously kept up to date, these security oversights would’ve been patched, blocking attackers from bypassing logins, executing arbitrary code, and potentially pivoting deeper into the home network.

Fixes now and for later

  1. Manual recovery – Remove the hard disk from the NAS device and try backing up the precious media onto a different device, taking care to avoid suspicious and malicious software that may already exist on the NAS.
  2. Factory reset – Networked devices often provide the capability to completely reset and restore the factory default software. This should flush out any earlier login accounts and allow access to update the firmware.
  3. Firmware Update – Western Digital had released security patches addressing many of these issues. Installing the latest firmware was the top priority.
  4. Credential Change – Replacing the default admin password with a strong, unique one was immediately recommended.

Key Takeaway

Home network storage can be a great asset when managing the memories of a growing household but that can quickly become a liability if left unpatched or misconfigured. This case underscores the importance of regular firmware updates, strong credentials, and staying aware of maintenance needs.

*Client names have been changed to avoid identification. Garrick’s client code name is Clay Mastiff

Related Posts

Scroll to Top