WD NAS users be on your guard because no one is safe from this attack !
My Ex2 NAS Public files has also been encrypted by 0xxx virus in July 2021.
WD did not assist me in identifying the source of such a serious security problem.
I have bkup of files and I just lost days of work to restore my files.
What is curious is that only files on the Public shared folder has been encrypted and not other folders. So, I deactivated the public sharing.
What is most troubling is the actual security of UltraEx2 NAS. As a security aware developer I don’t understand how the NAS has been infected. The NAS is firewall protected, the passwords are strong, there are no third parties applications, no other computers (Linux and OSX) has been infected on my home network. The virus encryption was made by the NAS processor as the files timestamps and the slow network it is installed on.
YES, this is very annoying not to know how it has been infected and it could be suspected that it was during a NAS firmware update, so WD responsibility.
MOREOVER, I have no idea if the virus has been deleted from the NAS OS and why it did only encrypt the Public folders.
Since then, I have installed the antivirus application and executes it every night but it has not detected any virus and I suppose it does not delete virus in the NAS OS but only in files.
Any advice to protect our NAS is very welcome !