Home » News » Spam and email » All your feels are belong to us: Tumblr worm

All your feels are belong to us: Tumblr worm

By Luciana on December 5, 2012 | Spam and email All your feels are belong to us: Tumblr worm

Tumblr blogging platform has been quite glitchy past few days and the reason for that is a worm attacking its users. This infection-hack-parasite-scam was designed specifically for Tumblr and it caused a lot of trouble.

Although the worm hadn’t spread as widely through the website as Tennant Tuesday, it had potential to infect much more blogs than it did. It resulted in website being shut down several times for cleaning up. Occasionally some functions of the blogging were disabled in order to stop the worm from making its way any further.

What is this Tumblr worm?

The “worm” was actually a virally spreading post. And by virally we don’t mean it as in it-is-so-good-that-everyone-wants-to-show-it-to-their-friends virally. We mean it as in exploiting-website’s-code-to-spread-it's-copies virally. The post delivered offensive message automatically and threatened deleting account also automatically if the message was deleted.

In case you’re curious and let’s admit you are, here’s the text of the post:

"Dearest 'Tumblr' users,
We have taken the liberty of upgrading your (rather tasteless, we must say) blog to our premier GNAA Gary Niger (pictured to the left) Signed Edition! This is in response to the seemingly pandemic growth and world-wide propagation of the most FUCKING WORTHLESS, CONTRIVED, BOURGEOISIE, SELF-CONGRATULATING AND DECADENT BULLSHIT THE INTERNET EVER HAD THE MISFORTUNE OF FACILITATING.
However, we do not believe you are beyond redemption! All you have to do is DRINK BLEACH AND DIE YOU EMO, SELF-INSISTING, SELF-DEPRECATING, SELF-INDULGENT EMPTY HUSKS OF HUMAN BEINGS. REPEAT AFTER ME: I WISH I WAS PROFOUND, BUT I'M NOT! I WISH I WAS ORIGINAL, BUT I'M NOT! I WISH MY IMPENDING DEATH WAS OF ANY CONSEQUENCE, BUT IT IS NOT! Your last chance of redemption hinges upon your death; your death which was most fortunately prescribed by your unfortunate birth. Fret not, dear emo, your death will be regarded as a sacrifice to humanity; to die a martyr is a glorius death, and will likely be your highest contribution to society.
P.S. Attempting to delete these posts will delete your tumblr account ;] But, by all means, go ahead!

How did this happen?

As Tumblr users already know the website has “reblog” function which works for sharing posts and pictures and adorbs in all the huge network of blogs. Although the exact reason remains as unclear as the air date of Sherlock series 3, experts guess that the scammers found some workaround in Tumblr’s defense thus enabling them to run malicious JavaScript. The script then reblogged the aforementioned post automatically if a person visiting the “infected” blog was logged into the website.

Is it serious?

The worm had not delivered any malicious payload. It had no capacity to affect a blog except for spamming it with the hateful posts. It was serious while it was spreading. However, it showed the possibility of such attacks which may be explored further by other attackers.

At the moment it seems like people at Tumblr were able to stop the worm from spreading according to their blog:

We quickly identified the source, removed the posts, and restored service to normal.
No accounts have been compromised, and you don’t need to take any further action.

What should you do?

Don’t you worry; your blog is as safe as it can be. Read a message posted by Tumblr staff regarding the situation. In fact, we recommend following Tumblr staff blog if you’re not doing that already. That will also help in preventing Tumblr scams such as those which promise coupons and gifts for reblogging and visiting links (spoilers: those are actually malicious) as they usually present themselves as posted by Tumblr staff.

Stay safe!

More Spam and email news

Facebook in black: a fast spreading scam

Facebook in black: a fast spreading scam

Lately, a wide spread new scam are attacking social network users. If you get a message stating you can get Facebook Black by clicking a link, be sure that this is a scam.Social networkers are getting messages they can switch heir regular black colour to a black one. For getting it they are forced to click on a link which takes you to a third-party website. Read more.

News categories

Latest news