(LiveHacking.Com) – The GNAA, an “anti-blogging” group, is claiming responsibility for a worm which hit Tumblr this week. The worm posted unpleasant posts on victim’s accounts and spread when others viewed the post. The text posted on victim’s blogs starts with “Dearest Tumblr users,” but it quickly turns into a bewildering rant about the “self-indulgent” and “decadent” ways of Tumblr bloggers.
The GNAA, whose acronym is intentionally inflammatory and isn’t worth repeating here, has attacked other major sites in the past including CNN, President Obama’s re-election campaign and Wikipedia. As another “prank” the group pretended to be looters on Twitter in the aftermath of hurricane Sandy. In an interview, a spokesman for the group claims they told Tumblr weeks ago about the potential security vulnerability but they were ignored.
During the attack Tumblr posted the following status message: “There is a viral post circulating on Tumblr which begins “Dearest ‘Tumblr’ users”. If you have viewed this post, please log out of all browsers that may be using Tumblr immediately. Our engineers are working to resolve the issue as swiftly as possible. Thank you.”
According to SCMagazine, Tumblr has fixed the security issue which allowed the worm to spread. The worm did not do any other damage other than spreading the inflammatory spam message. According to Tumblr, users’ accounts were not compromised.
The fix was confirmed by the blogging platform, “Tumblr engineers have resolved the issue of the viral post attack that affected a few thousand Tumblr blogs. Thanks for your patience.”