December 03, 2012

Tumblr disrupted by fast-spreading worm

A group of internet "trolls" is behind the spread of an offensive post – a worm which went viral Monday on blogging platform Tumblr, reposting itself on victims' pages and on those of infected visitors.

GNAA, an "anti-blogging" group that in the past has attacked major sites – such as CNN, President Obama's campaign and Wikipedia – claimed responsibility for spreading the worm, which took the form of a verbal tirade that appeared on the Tumblr pages of more than 8,000 users, according to Monday tweets that appear to have been deleted by a group member who sent them. USA Today and Reuters were among the Tumblr pages struck by the worm. 

The trolling group, which goes by an inflammatory name, explained the incident as a “war on bronies” – fans of the television series My Little Pony: Friendship is Magic, according to a release from GNAA. A Tumblr page for fans of the animated show was the target of the attacks, and online publication The Daily Dot was among the first to have its Tumblr page exploited.

The Daily Dot reported on the incident, saying the viral message begins with “Dearest Tumblr users,” before a tirade ensues about the "self-indulgent" and “decadent” ways of Tumblr bloggers.

“The post – an angry rant against Tumblr users – is pure trolling clickbait,” said The Daily Dot article. “Buried in the post is a worm, and clicking it allows the post to propagate to your Tumblr blog, too. Repeat enough times and you have a near Tumblr apocalypse.”

Tumblr said it fixed the security issue as of Monday afternoon EST, according to a spokeswoman who emailed SCMagazine.com. The worm did not appear to inflict any other harm than to spread the inflammatory spam message. Users' accounts were not compromised.

"Engineers have resolved the issue of the viral post attack that affected a few thousand Tumblr blogs earlier today," she said. "If you have viewed this post, please log out of all browsers that may be using Tumblr immediately."

Tumblr did not confirm the nature of the security issue, but BetaBeat suggested the hole permitted the spread of a JavaScript exploit. Users can change their password as an added security measure, and if infected by the worm, delete the offending post by using Tumblr's mass editor feature.

A spokesperson for GNAA told Gawker that it warned Tumblr about the vulnerablity weeks ago, but the company did nothing.

Related Articles
Related Topics
Related Links

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.