UPDATE: The attack which effected thousands of blogs has been fixed, but illustrates how social openness can lead to security problems. "The more functional you make something, the less secure it tends to become," according to Roger Thompson, of ICSA Labs.
"It appears that the worm took advantage of Tumblr's reblogging feature, meaning that anyone who was logged into Tumblr would automatically reblog the infectious post if they visited one of the offending pages," according to researchers at Sophos' Naked Security blog.
"We are aware that there is a viral post circulating on Tumblr,” the company said on Twitter. “We are working to resolve the issue as swiftly as possible."
PC Mag reports that the worm appears to have taken advantage of Tumblr's re-blogging feature.
"Anyone who was logged into Tumblr would automatically reblog the infectious post if they visited one of the offending pages," said Sophos analyst Graham Cluley. “If you were not logged into Tumblr when your browser visited the URL, it would simply redirect you to the standard login page. However, if your computer was logged into Tumblr, it would result in the GNAA content being reblogged on your own Tumblr."
If you're a Tumblr user, it’s probably best that you stay away from your dashboard and Tumblr.com for a while. Also, if you've seen the fake post, Tumblr is also encouraging you to immediately log out of any browsers that might be using Tumblr.