Worm Infects Thousands of Tumblr Accounts

A large number of blogs hosted on Tumblr is spreading a viral message written by the group hacker GNAA. According to the account of the group on Twitter, 8,600 users of Tumblr published the post, which can spread itself and comes to encourage the reader to commit suicide. In the end, the text states that any attempt to delete the post will entail the exclusion of the account.

The group has attacked major sites in the past, including the pages of Wikipedia, CNN and even the presidential campaign of Barack Obama. The GNAA messages have a code that, when executed, causes the post also appear on your Tumblr. It is not recommended to access blogs Tumblr as the team responsible for the service does not resolve the problem.

Major media outlets had their infected accounts, which helped to spread the message quickly. Among the affected are blogs USA Today, Entertainment Weekly, Reuters and The Verge. If you went to some of these Tumblrs recently, your account may have been compromised.

If your Tumblr is displaying the post, Gizmodo recommends entering the editor of posts and delete all messages drawbacks. It is also important to change your password, although there is no evidence that the group has accessed or obtained sensitive data from individual accounts.

Tumblr released a statement saying that already took note of the problem and is working to resolve the fault as quickly as possible. If you viewed the post above, the recommendation of Tumblr is to log out immediately.

Because the worm Tumblr spread so fast?

Sophos explained in the blog Naked Security that each post has a malicious JavaScript code. Encrypted with base64, the post carries an invisible iframe, which in turn opens a window with a false message that Tumblr will enter maintenance on 4 December. If the user is not logged in, it is redirected to the login screen. Otherwise, the message is repostada on Tumblr victim – and spread by all who access the text later.