Tumblr Blogs Hit by Malicious Worm

A “few thousand” accounts on micro-blogging site Tumblr were hit with a malicious exploit and filled with offensive, spam blog posts earlier today.

Here’s how it happened according to Sophos, a security software firm: the worm took advantage of the site’s reblogging feature, and anyone who was logged into Tumblr would automatically reblog the infections post if they visited the page. Each post had some malicious code embedded inside it.

Tumblr says it has since fixed the exploit, issuing the statement that follows:

This morning, some of you may have noticed a spam post appearing repeatedly on your Dashboard and on the blogs of a few thousand affected accounts. We quickly identified the source, removed the posts, and restored service to normal. No accounts have been compromised, and you don’t need to take any further action. Our sincere apologies for the inconvenience. As always, we are going to great lengths to make sure this type of abuse does not happen again

So, no, this worm has not affected your computer — it’s restricted to Tumblr’s website.

Tumblr tweeted from its main Twitter account earlier today that it was aware of the issue, calling it a “viral post circulating on Tumblr.  Buzzfeed has a few screenshots of the mayhem.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s