A zero-day vulnerability in Western Digital My Book Live NAS devices allowed a threat actor to perform mass-factory resets of devices last week. Western Digital had originally told BleepingComputer that the attacks were being conducted through a 2018 vulnerability tracked as CVE-2018-18472, which was not fixed as the device has been out of support since 2015. The attacks would also password-protect various scripts to prevent the devices from being taken over by rival botnets or other threat actors. Censys CTO Derek Abdine believes that the mass-wipes of the NAS devices might have been an attempt by another threat actor or the rival.
Source: https://www.bleepingcomputer.com/news/security/hackers-use-zero-day-to-mass-wipe-my-book-live-devices/