Seagate Hard Drives Have a Huge Security Flaw2015-09-09 02:08 by Daniela
Security researchers have warned about severe vulnerabilities in Seagate hard drives. They affect the following product lines: LaCie FUEL, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage that have firmware versions between 2.2.0.005 and 2.3.0.014.
The firmware of the vulnerable devices has Telnet services that can be reached by using factory credentials of 'root' as username and the default password. Telnet allows users to access devices whether through a wired or a wireless connection, but it does naturally require a password and correct username. However, the hardware's default credentials are so easily found that hackers can gain access into such a NAS in no time.
Furthermore, the vulnerable firmware offers a file upload possibility to the device's /media/ sda2 file system, which is normally used only for file sharing. All the files on the device can be accessed by the perpetrator as well. And once these hackers are in, they can install malware onto user's computer, and take control of it.
Fortunately, Seagate has reacted fast to the situation and released new firmware, version 220.127.116.11, that addresses all vulnerabilities. Owners of the aforementioned devices, are encouraged to download and to install the ultimate firmware updates provided by Seagate. Otherwise, they can expose the users of the hard drives to a higher risk of cyber-crime.
Read more -here-