The Register’s John Leyden on the JavaScript troubles inflicted on Tumblr the other day:
A worm spread like wildfire across Tumblr on Monday, defacing pages on the blogging website with an abusive message penned by a notorious trolling crew.
The outbreak was triggered by the GNAA, a group of anonymous troublemakers who get their kicks from winding up bloggers with offensive posts.
Tumblr temporarily halted the publication of new journal posts to prevent the worm from spreading further before restoring the service to normal a few hours later.
[. . .]
“It appears that the worm took advantage of Tumblr’s reblogging feature, meaning that anyone who was logged into Tumblr would automatically reblog the infectious post if they visited one of the offending pages,” wrote Graham Cluley, senior technology consultant at Sophos.
“It shouldn’t have been possible for someone to post such malicious JavaScript into a Tumblr post — our assumption is that the attackers managed to skirt around Tumblr’s defences by disguising their code through Base 64 encoding and embedding it in a data URI,” he added.
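The filter gap Cluley describes, seen from the defender's side. This is an added example, not code from the article, Sophos or Tumblr: the function names, the scheme allowlist and the inert sample data URI are all constructed assumptions. It shows why matching on literal script markers misses Base64-wrapped content, while a scheme allowlist rejects it.

```javascript
// Hypothetical URL check for attributes in user-submitted post HTML.
const ALLOWED_SCHEMES = new Set(["http", "https", "mailto"]); // assumed policy

// Blocklist-style filter: only looks for literal script markers.
function naiveFilterAllows(value) {
  return !/<script|javascript:/i.test(value);
}

// URL parsers drop tabs/newlines and leading control characters or spaces,
// so normalise the same way before reading the scheme.
function normalise(value) {
  return value.replace(/[\t\n\r]/g, "").replace(/^[\u0000-\u0020]+/, "");
}

function safeDecode(s) {
  try { return decodeURIComponent(s); } catch { return s; }
}

// Returns the verdict plus the decoded data: payload for logging and review.
function inspectUrl(value) {
  const url = normalise(String(value));
  const m = /^([a-z][a-z0-9+.-]*):/i.exec(url);
  if (!m) return { allowed: true, scheme: null, decoded: null }; // relative URL
  const scheme = m[1].toLowerCase();
  let decoded = null;
  if (scheme === "data") {
    // Layout: data:[<mediatype>][;base64],<payload>
    const comma = url.indexOf(",");
    if (comma !== -1) {
      const header = url.slice(5, comma);
      const payload = safeDecode(url.slice(comma + 1));
      decoded = /;base64$/i.test(header)
        ? Buffer.from(payload, "base64").toString("utf8")
        : payload;
    }
  }
  return { allowed: ALLOWED_SCHEMES.has(scheme), scheme, decoded };
}

// Constructed, inert sample: a script element holding only a comment.
const SAMPLE_BODY = "<script>/* constructed, inert */</script>";
const SAMPLE_URI =
  "data:text/html;base64," + Buffer.from(SAMPLE_BODY).toString("base64");

console.log("naive filter allows:", naiveFilterAllows(SAMPLE_URI));
console.log("allowlist verdict:", inspectUrl(SAMPLE_URI));
```

The decoded payload is returned only so a rejected value can be logged for review; the allow or deny decision depends on the scheme alone.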