Tumblr spammers blast blog site over slow response to attack warning

Blogging platform falls victim to spammers.

Hackers

The group responsible for carrying out an attack on Tumblr, which resulted in abusive messages being posted on thousands of users' blogs, claim they warned the site an attack could happen weeks ago.

The blogging site was hit by a spamming group called GNAA yesterday who used the platform to post a 200-word anti-Tumblr rant on thousands of the firm's blogs.

"This is in response to the seemingly pandemic growth and worldwide propagation of the most F******G WORTHLESS, CONTRIVED, BOURGEOISIE, SELF-CONGRATULATING AND DECADENT B******T THE INTERNET EVER HAD THE MISFORTUNE OF FACILITATING," the post stated.

We contacted Tumblr two weeks ago...but they never got back to us.

In an interview with news site Gawker, a person reporting to be a GNAA spokesperson, said the group warned Tumblr an attack could take place weeks ago.

"Someone would have done a lot worse than just posting a message over and over if they didn't fix it right away," said the spokesperson.

"We contacted Tumblr about it about two weeks ago. We used the 'can't find what you're looking for' link at the bottom of the email troubleshooting page. They never got back to us."

The site is used to publish more than 70 million posts a day and reportedly hosts nearly 71 million blogs.

In a blog post, a Tumblr spokesperson said the firm had moved quickly to resolve the issue.

"We quickly identified the source, removed the posts, and restored service to normal," the post stated.

"No accounts have been compromised, and you don't need to take any further action."

In a further post on the Naked Security blog, Graham Cluley, senior technology consultant at security software vendor Sophos, was able to shed some light on how the attack was carried out.

"The worm took advantage of Tumblr's reblogging feature, meaning that anyone who was logged into Tumblr would automatically reblog the infectious post if they visited one of the offending pages," wrote Cluley.

"Each affected post had some malicious code embedded inside them...If your computer was logged into Tumblr, it would result in the GNAA content being reblogged on your own Tumblr," he added.

Featured Resources

The definitive guide to warehouse efficiency

Get your free guide to creating efficiencies in the warehouse

Free download

The total economic impact™ of Datto

Cost savings and business benefits of using Datto Integrated Solutions

Download now

Three-step guide to modern customer experience

Support the critical role CX plays in your business

Free download

Ransomware report

The global state of the channel

Download now

Recommended

The state of ransomware in retail 2021
Whitepaper

The state of ransomware in retail 2021

23 Aug 2021
Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
Sophos XG 230 Rev.2 review: Powerful and flexible
unified threat management (UTM)

Sophos XG 230 Rev.2 review: Powerful and flexible

1 Apr 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

17 Sep 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
The technology powering the future of shopping
Technology

The technology powering the future of shopping

16 Sep 2021