Seemed like a good idea...

Why isn’t Tumblr doing anything about this?

Please note that this attack has absolutely nothing to do with the Missing e browser extension!

A while back there was a serious problem with a lot of blogs posting fake “staff” posts about Starbucks coupons or other spam-related things. That problem is still going on.

I’m pretty sure it is linked to what you see in the above photo. Quite a few Tumblr blogs that have been compromised (had their password stolen) have had a few lines of JavaScript added to their themes that cause a pretty big FAKE Tumblr login screen to show up, insisting that the blog you are viewing is somehow 18+ and you have to enter your login to continue.

~ Why is this a problem? ~

This is pretty bad, considering many people on Tumblr are not exceedingly tech-savvy. I mean, the thing looks legitimate. I wouldn’t be surprised if quite a few people have just given their passwords away because of this thing. Then, their blog theme is itself changed to continue propagating this phishing attack.

To be clear, you should never enter your password into any page that is not a secure Tumblr page. Here’s a staff post on how to recognize a secure page.

~ What should Tumblr be doing? ~

The script actually loads from a server in China (IP: 222.47.112.220), but beyond that I can’t really work out anything about who is behind it.

The real question I have is why Tumblr hasn’t done anything about this. Other than posting helpful information on recognizing secure Tumblr pages, they don’t seem to be doing very much! I would expect that it would be possible for Tumblr to prevent this script from actually running on themed blog pages, considering it can be traced directly to a malicious server.

I’m thinking about adding something into Missing e to get rid of these fake login boxes, but that doesn’t solve the problem by a long shot!

~ What to do if your account is a victim ~

If your blog is posting spam or your themed blog shows the fake login screen, you can fix it!

  • First things first, change your password! When you do so, make sure the page you are on is a secure Tumblr page (how to recognize one).
  • Second, if your blog has the fake login screen, you need to reset your blog’s theme!
    • If that isn’t possible, you can go in and remove the offending code. It is a couple of lines near the bottom of your theme code that start and end with <script> tags and have a bunch of code with seemingly random numbers and letters.
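A heuristic scanner for that theme code, added here as an example (it is not code from the post or from Missing e): it flags script tags that load from a raw IP address or an untrusted host, and inline scripts that look encoded, which is what the injected lines described above look like. The trusted-host allowlist and the sample theme are assumptions constructed for the demo.

```javascript
// Added example, not code from the post or from Missing e: a heuristic scanner
// for a Tumblr theme's HTML that flags <script> tags resembling the injected
// loader described above. TRUSTED_HOSTS is an assumed allowlist for this demo.
const TRUSTED_HOSTS = new Set(["assets.tumblr.com", "static.tumblr.com"]);
const SCRIPT_RE = /<script\b([^>]*)>([\s\S]*?)<\/script>/gi;
const SRC_RE = /\bsrc\s*=\s*["']?([^"'\s>]+)/i;
const IPV4_RE = /^\d{1,3}(\.\d{1,3}){3}$/;
// Host of an absolute or protocol-relative src; "" for relative paths; null if unparseable.
function hostOf(src) {
  if (!/^(https?:)?\/\//i.test(src)) return "";
  try { return new URL(src, "https://blog.example/").hostname; } catch { return null; }
}
// Inline code that looks like the "random numbers and letters" the post describes:
// many hex/unicode/percent escapes, or decoder calls combined with encoded data.
function looksObfuscated(code) {
  const body = code.trim();
  if (body.length < 40) return false;
  const escapes = (body.match(/\\x[0-9a-f]{2}|\\u[0-9a-f]{4}|%[0-9a-f]{2}/gi) || []).length;
  const decoder = /\b(eval|unescape|String\.fromCharCode|document\.write)\s*\(/.test(body);
  const blob = /[A-Za-z0-9+\/=]{80,}/.test(body);
  return escapes >= 10 || (decoder && (escapes > 0 || blob));
}
// Returns one finding per suspicious <script> tag, in document order.
function scanTheme(html) {
  const findings = [];
  let m;
  while ((m = SCRIPT_RE.exec(html)) !== null) {
    const src = (m[1].match(SRC_RE) || [])[1];
    if (src === undefined) {
      if (looksObfuscated(m[2])) findings.push({ kind: "obfuscated-inline", snippet: m[2].slice(0, 60) });
      continue;
    }
    const host = hostOf(src);
    if (host === "") continue;                           // same-origin asset: leave alone
    if (host === null) findings.push({ kind: "unparseable-src", src });
    else if (IPV4_RE.test(host)) findings.push({ kind: "raw-ip-src", src });
    else if (!TRUSTED_HOSTS.has(host)) findings.push({ kind: "untrusted-src", src });
  }
  return findings;
}
// Constructed sample theme (not a real injected payload); the encoded string is just alert(1).
const SAMPLE_THEME = [
  '<html><head><script src="https://assets.tumblr.com/analytics.js"></script></head>',
  '<body>{block:Posts}{Body}{/block:Posts}',
  '<script type="text/javascript" src="http://203.0.113.5/ad.js"></script>',
  '<script>eval(unescape("%61%6c%65%72%74%28%31%29%3b"))</script>',
  '</body></html>',
].join("\n");
console.log(scanTheme(SAMPLE_THEME));
```

Paste your theme's HTML in place of the sample and anything reported is a candidate for the offending lines; a hit is a prompt to look, not proof of compromise, since some legitimate widgets also load from hosts outside the allowlist.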
About

I'm a Canadian engineer living in Brooklyn, NY. Don't let that scare you, as I am adept at pretending I'm "normal".

Me in Other Places

  • @Cutlerish on Twitter
  • Google
  • jcutler on github
  • Missing e - Browser Extension for Tumblr
