Hackers Behind Tumblr Worm Say They Warned Tumblr of Vulnerability Weeks Ago
Tumblr has been flooded by a worm that's spamming thousands of user's feeds with an anti-Tumblr rant. In an interview, a spokesman for the group that's apparently behind the hack claims they warned Tumblr weeks ago about the potential exploit but they were ignored. Oh, and they're also waging a "War on Blogs."
Today's hack has been claimed by the GNAA (NSFW), an established trolling group that makes a hobby of "crapflooding" blogs and screwing with media organizations for laughs. Recently they trolled journalists by pretending to be looters on Twitter in the wake of Superstorm Sandy. We spoke to a GNAA spokesperson who goes by the handle Literal Ka about the Tumblr hack via email. This is of course a internet trolling organization so take everything with the appropriate grain of salt:
How did you do it? Were accounts compromised by the worm, or is it just a spam thing?
I'm just the PR guy, to be honest. However, I do know that no accounts were compromised, it was purely a 'spam thing'.
Why did you do it?
We contacted Tumblr about this weeks ago and nothing came of it. This was a serious issue that needed to be fixed. Someone would have done a lot worse than just posting a message over and over if they didn't fix it right away...
The GNAA recently declared a "War on Bronies," the online community of fans of My Little Pony that has a large presence on Tumblr. Is this part of that war?
It was not just the War on Bronies, but the War on Blogs (which the War on Bronies is a part of). The fact that these people feel that watching a television show made for little girls makes them an oppressed minority absolutely disgusting (If you don't believe me, just look on Tumblr or /mlp/ or what have you.) There are real oppressed minorities out there, like homosexual African Americans.
And on top of that, you have a good-sized portion of these people drawing pornographic artwork of fictional horses designed for little girls, claiming that it is "fighting to overcome traditional gender roles" or whatever (again, check Tumblr).
Do you have up-to-date statistics on how many people were hit?
Tumblr would know better than we would. There was an image from gnaa.eu inlined into the posts, which has received maybe 14,000 unique hits or so? (This is not the number of people affected, just the number of people who saw a post.)
Have you been contacted by Tumblr or contacted Tumblr about the exploit?
We contacted Tumblr about it about two weeks ago. We used the "can't find what you're looking for" link at the bottom of the email troubleshooting page. They never got back to us.