I suspect in most or all cases your data is still actually on the drive. It takes a long time to actually completely format drives of this size at the disk level. I have mounted and initiated recovery on mine and am able to see all of the files. Once the filesystem has been inventoried I am going to copy them off to another device just to verify everything looks good. So far every file I have previewed out of the almost 300 gigs it has processed checks out fine. If you need assistance or have any questions please contact me directly.
Please see my post under drive_assistance - hope this helps!
Have you tried EaseUS Data Recovery? That worked for me.
The fact you couldnât login and had to reset in order to do so along with the drive being empty likely shows your device was hit because thatâs a symptom everyone else is reporting. Your computer may still show old info from its cache and not reflect the the loss of data yet. If you can access the 80GB of data on that N drive, I would copy it off ASAP, but I doubt you can if youâve been hacked and itâll simply be empty.
Iâm sorry but how do you connect it directly to your computer? I have the simple version with only the RJ connector, not the USB.
The instructions are here:
Thank you for your answer; I still see one folder but I canât access it.
But how likely is it that someone has retrieved my data? I saw in another post that that is most likely not the case but to be honest iâm a bit scared.
You mentioned hacked; does it mean that some accessed my system?
From that youâve said, it appears your MBL was hacked. It doesnât necessarily mean anyone got onto your computer system. From what Iâve seen in the thread, itâs not likely they downloaded data from your MBL -
reference -
But they likely did install malware of some sort and forced a factory reset so that may be why your data appears gone.
I removed my drive from the entire housing that it comes in and disconnnected from the small main board that is attached to it so that I could directly access the SATA interface utilizing a USB to SATA cable. Then running EaseUS I can see everything on the drive easily. I just pulled some files off that have been recovered and they checked out fine. I can get you the link on how to take the drive out of the casing if needed.
In this case I would assume the worst and protect yourself as best as you can. Most peoples critical data is going to be in very small files which are easy to swipe.
I will take pictures if that will help too. The important thing I wanted to get out is that I would believe in most if not all cases your data is there. It is just not going to be directly addressable by an operating system in the traditional sense so I wanted to get some help out to people.
Sounds like you may have accidentally triggered the issue when you were doing ssh commands into it and itâs not the hack people are reporting here.
Thank you so much for the update. Please keep updating your results. I sent me drive in to a data recovery company and shared your earlier feedback about your fix. Thank you
EaseUS (or any other similar utility) will be able to read the drive and recover all files.
Just a quick correction. You can leave it on âautomaticâ in the settings, just make sure Remote Access is disabled and therefore UPnP wonât be on. But, everyone should disable UPnP on their routers regardless. Itâs a security risk in general.
Thank you so much for the update. Please keep updating your results. I sent me drive in to a data recovery company and shared your earlier feedback about your fix. Thank you @honghong
I can assure you it is not.
For your consideration, OpenWRT is apparently compatible with this hardware (havenât tried it though).
No, just horrifyingly bad default network security settings
Try.Mp3tag - the universal Tag Editor (ID3v2, MP4, OGG, FLAC, ...) ; does that get you titles/artists?
They would need to superimpose an entirely different type of exploit to get data from Chrome. I wouldnât say itâs impossible, but so far there have been no reports of this happening.
Thanks for the Pin trick.
Lost 2tb Mybooklive and stuck at admin. Not confident of accessing the drive without taking a hammer to it as youtube instruction on how to get it out clearly show it is not worth the hassle of putting it back together again. Hopefully, the data can be recovered but once bitten âŠ
Ok so I have to guess that another user porcentage that maybe never registered their drives are unnaware of this.
And people that were not hacked too.
WD says in their email âsome unitsâ impliyng ânot all of themâ
But hey, in the end, as end users (not ssh at all) what should we do?
I have backup, I didnt even get hacked.
Unpnp os ON on the router. Drive never was Access remote on.
What else do I block if I turn unpnp Off in the router? Mobiles? The TV? Computers?
This is good news, thanks! Is there any possibility of the file structure remaining intact?