The Downside Of Social: 8,600 Tumblr Accounts Defaced By Fake Racist Posts
UPDATE: The attack, which affected thousands of blogs, has been fixed, but it illustrates how social openness can lead to security problems. "The more functional you make something, the less secure it tends to become," according to Roger Thompson, of ICSA Labs.
"It appears that the worm took advantage of Tumblr's reblogging feature, meaning that anyone who was logged into Tumblr would automatically reblog the infectious post if they visited one of the offending pages," according to researchers at Sophos' Naked Security blog.
platform used by thousands of musicians and labels, has been hit with a nasty
worm today posting racist messaging to users' blogs without their
permission. The hacker group GNAA has claimed responsibility for the attack and
has said 8,600 unique Tumblr users have been affected. The massive bug is sweeping
across Tumblr, hitting some of its biggest blogs, including USA Today,
Reuters, The Verge, and CNET.
The hackers apparently don’t like Tumblr or its users very much,
as the fake post criticized Tumblr for the "propagation of the most
f**king worthless, contrived, bourgeoisie, self-congratulating and decadent
bulls**t the Internet has ever had the misfortune of facilitating." Tumblr
users are then accused of being unoriginal (among other insults) and told
to kill themselves.
"We are aware that there is a viral post circulating on
Tumblr," the company said on Twitter. "We are working to resolve the issue as
swiftly as possible."
PC Mag reports that the worm appears to have taken advantage
of Tumblr's re-blogging feature.
"Anyone who was logged into Tumblr would automatically
reblog the infectious post if they visited one of the offending pages," said
Sophos analyst Graham Cluley. "If you were not logged into Tumblr when your
browser visited the URL, it would simply redirect you to the standard login
page. However, if your computer was logged into Tumblr, it would result in the
GNAA content being reblogged on your own Tumblr."
If you're a Tumblr user, it's probably
best that you stay away from your dashboard and Tumblr.com for a while. If you've seen the fake post, Tumblr
is also encouraging you to immediately log out of any browsers that might be