“Dearest Tumblr User” Worm Spreading Spam on Tumblr, Seen It? Then Log Out Of Your Browser [UPDATED]

According to a report by The Next Web, there’s a hack making its way through some prominent Tumblr blogs, including The Verge and CNET.

Along with the spam on the pages itself, users are getting a popup message that would scare anyone’s mom. Trust me, we get these calls all of the time: “Should I click this?” In a word…NO.

Here’s a statement issued to us by a Tumblr spokesperson on the matter:

There is a viral post circulating on Tumblr which begins “Dearest ‘Tumblr’ users”. If you have viewed this post, please log out of all browsers that may be using Tumblr immediately. Our engineers are working to resolve the issue as swiftly as possible. Thank you.

They’ve also tweeted on the matter, which you know…is the new official press release:

Since a lot of us use Tumblr on a daily basis to keep us informed distracted, then this might just end up affecting you in some way. It’s sad to see any social service get affected on a mass schedule, since things inherently spread. And very quickly.

cnet_tumblr_worm-730x313

Among the victims are The Verge‘s and CNET‘s Tumblrs, which include a message about a ‘GNAA video’ post. It’s advisable for users to avoid visiting Tumblr blogs directly until the issue is resolved, and definitely not to click on any GNAA posts with a video inside nor accompanying links.

The attack itself appears to come from a group of Internet trolls, posting this message to prominent Tumblr sites:

tumblr-hackWe have taken the liberty of upgrading your (rather tasteless, we must say) blog to our premier GNAA Deluxe Gary Niger (pictured to the left) Signed Edition! This is in response to the seemingly pandemic growth and world-wide propagation of the most FUCKING WORTHLESS, CONTRIVED, BOURGEOISIE, SELF-CONGRATULATING AND DECADENT BULLSHIT THE INTERNET EVER HAD THE MISFORTUNE OF FACILITATING. However, we do not believe you are beyond redemption! All you have to do is DRINK BLEACH AND DIE
YOU EMO, SELF-INSISTING, SELF-DEPRECATING, SELF-INDULGENT EMPTY HUSKS OF HUMAN BEINGS. REPEAT AFTER ME: I WISH I WAS PROFOUND, BUT I’M NOT! I WISH I WAS ORIGINAL, BUT I’M NOT! I WISH MY IMPENDING DEATH WAS OF ANY CONSEQUENCE, BUT IT IS MOST CERTAINLY NOT! Your last chance for redemption hinges upon your death; your death which was most fortunately prescribed by your most unfortunate birth. Fret not, dear emo, your death will be regarded as a sacrifice to humanity; to die a martyr is a glorious death, and will likely be your highest contribution to society.

SHOUTZ: LITERALKA – DOLPHIN/DZL – BERRY/BRR – RORY – INFID3L – INCOG

P.S. Attempting to delete these posts will delete your tumblr account ;] But, by all means, go ahead!

We’ve checked our Crumblr, and it looks like we’re ok…but we’ll remain vigilant. So should you.

This is developing and Tumblr will let us know the status of its efforts to correct this.

UPDATE: A Tumblr spokesperson has told TechCrunch that the issue is resolved; however we’re still trying to find out what happened and why. The word on the street is that Tumblr was alerted about this weeks ago.

Tumblr engineers have resolved the issue of the viral post attack that affected a few thousand Tumblr blogs earlier today. Thank you for your patience.

UPDATE 2: Tumblr has put up a blog post about what happened today, saying:

This morning, some of you may have noticed a spam post appearing repeatedly on your Dashboard and on the blogs of a few thousand affected accounts. We quickly identified the source, removed the posts, and restored service to normal. No accounts have been compromised, and you don’t need to take any further action. Our sincere apologies for the inconvenience. As always, we are going to great lengths to make sure this type of abuse does not happen again.

Details on how or why it happened still aren’t known.

[Photo credit: Flickr, The Next Web]