backtop


Print 9 comment(s) - last by ElConquistador.. on Dec 4 at 11:05 PM

The Verge suggests attack may be related to recent guilty verdict for group member; Tumblr promises investigation

The offensively named cyber-troll/hacker organization "GNAA" has claimed responsibility for a wild campaign of attacks against Tumblr users.  Approximately 8,600 Tumblr users were affected, indicating the attackers may have found an underlying flaw in the popular microblogging platform's security process.

Most of the victims of the attack were personal blogs.  However, several news sites -- ReutersThe Verge, and others -- had their Tumblr accounts compromised, as well.

Tumblr has confirmed that the GNAA may be exploiting a security flaw, commenting:

There is a viral post circulating on Tumblr which begins "Dearest 'Tumblr' users". If you have viewed this post, please log out of all browsers that may be using Tumblr immediately. Our engineers are working to resolve the issue as swiftly as possible. Thank you.

Affect users had their normal feeds replaced with an offensive image urging users to commit suicide.

GNAA hack

The Verge has suggested that the attack may somehow be in retaliation for or connected to the recent guilty verdict for Andrew Auernheimer, aka "weev" or "Escher Auernheimer", a member of GNAA and the related subgroup "Goatse Sec".  Mr. Auernheimer was found guilty of two rather ambiguous cyber-crime charges -- spelled out in the Computer Fraud and Abuse Act of 1986 (18 USC § 1030) -- and faces a maximum sentence of five years in prison and a fine of up to $250,000 USD.   

Tumblr has responded with the following statement:

There is a viral post circulating on Tumblr which begins "Dearest 'Tumblr' users". If you have viewed this post, please log out of all browsers that may be using Tumblr immediately. Our engineers are working to resolve the issue as swiftly as possible. Thank you.

Sources: The Verge, Gary Niger on Twitter



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Point?
By Ammohunt on 12/3/2012 1:45:52 PM , Rating: 3
perhaps i am out of touch but what was the point of this hack? who is supposed to care?




RE: Point?
By geddarkstorm on 12/3/2012 2:28:44 PM , Rating: 2
Actually, I'm more curious about the implication that simply viewing the post could hack a user's tumblr account? Is that really true? That is a mighty enormous security gap if so.


RE: Point?
By Solandri on 12/3/2012 3:06:36 PM , Rating: 2
It's using a "feature" Tumblr added where you can automatically "reblog" stuff from someone else's Tumblr page onto your own.
http://www.wikihow.com/Reblog-Something-on-Tumblr

Basically they decided people having to cut and paste a URL was too hard, so they turned it into two clicks (reblog and confirm). So the worm just has to send those two clicks to the server when you view the page to spread itself.


RE: Point?
By Trisped on 12/3/2012 3:23:46 PM , Rating: 2
I was going to say it is a standard cookie attack, if you are logged in to a blog site it does not take much malicious code to start sending silent requests using the current user's login.

The harder thing in my mind is preventing the user from deleting the malicious post using the built in functions.
Does Tumblr not allow deleting posts?


"Intel is investing heavily (think gazillions of dollars and bazillions of engineering man hours) in resources to create an Intel host controllers spec in order to speed time to market of the USB 3.0 technology." -- Intel blogger Nick Knupffer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki