Visitors Now:
Total Visits:
Total Stories:
Profile image
Story Views

Now:
Last Hour:
Last 24 Hours:
Total:

Tumblr Worm Exploited Site’s Re-blogging Feature

Tuesday, December 4, 2012 22:01
% of readers think this story is Fact. Add your two cents.

(Before It's News)

redOrbit Staff & Wire Reports – Your Universe Online

A group of hackers going by the name “GNAA” claimed responsibility for a fast-spreading software worm that infected thousands of accounts on the popular micro-blogging site Tumblr on Monday morning.

Users of infected accounts saw their pages defaced with a profane, expletive-laden message.

Tumblr was able to fix the security exploit within hours, and released a statement Monday afternoon saying the site had been restored to normal.

“This morning, some of you may have noticed a spam post appearing repeatedly on your Dashboard and on the blogs of a few thousand affected accounts. We quickly identified the source, removed the posts, and restored service to normal,” the statement read.

“No accounts have been compromised, and you don’t need to take any further action. Our sincere apologies for the inconvenience. As always, we are going to great lengths to make sure this type of abuse does not happen again.”

Security software firm Sophos said the worm had harnessed Tumblr’s re-blogging feature, so that anyone who was logged into the site would automatically re-blog the infected post if they visited one of the offending pages.

“Each affected post had some malicious code embedded inside them,” Sophos said on its Naked Security blog.

In a now-deleted tweet, GNAA said its exploit had impacted 8,600 Tumblr accounts at its peak. The Internet trolling group released a statement saying the attack was part of its ongoing war against bronies — male fans of My Little Pony.

A GNAA spokesman said the hack was also aimed at shining a light on Tumblr’s slack security.

“We contacted Tumblr about this weeks ago and nothing came of it,” the spokesman told Gawker.

“This was a serious issue that needed to be fixed.”

Sophos said it shouldn’t have been possible for someone to post such malicious JavaScript into a Tumblr post.

“Our assumption is that the attackers managed to skirt around Tumblr’s defenses by disguising their code through Base 64 encoding and embedding it in a data URI.”

redOrbit.com
offers Science, Space, Technology, Health news, videos, images and
reference information. For the latest science news, space news,
technology news, health news visit redOrbit.com frequently. Learn
something new every day.\”



Source:

Report abuse

Comments

Your Comments
Question   Razz  Sad   Evil  Exclaim  Smile  Redface  Biggrin  Surprised  Eek   Confused   Cool  LOL   Mad   Twisted  Rolleyes   Wink  Idea  Arrow  Neutral  Cry   Mr. Green

Top Stories
Recent Stories

Register

Newsletter

Email this story
Email this story

If you really want to ban this commenter, please write down the reason:

If you really want to disable all recommended stories, click on OK button. After that, you will be redirect to your options page.