Trolling Group GNAA Claims “Brony” Culture Was Target of Today’s Nasty Attack on Tumblr

Future Tense
The Citizen's Guide to the Future
Dec. 3 2012 2:05 PM

Trolling Group GNAA Claims “Brony” Culture Was Target of Today’s Nasty Attack on Tumblr

The blogging site Tumblr was hit Monday with a virus

On Monday morning, the notorious anti-blogging trolling hacker group GNAA  hacked Tumblr, propagating a worm in the disguise of a racist spam message urging users to kill themselves.

The original target appears to have been the “brony” tag on tumblr—bronies being the adult, male fans of the children's show My Little Pony: Friendship Is Magic. The first Tumblrs that were infected, including the Internet culture site the Daily Dot, used the brony tag, and from there, it seems, thousands of other Tumblrs fell victim, including those belonging to USA Today, the Verge, and Reuters. In a press release announcing today’s attack (warning: click at your own risk), GNAA insults brony culture with racist, inflammatory language typical of trolls, before mentioning an upcoming “brony-removal drive.” 


The group claims to have infected 8,600 individual Tumblrs with the worm. 

GNAA is a trolling group that has been around since 2002, and in that time it has targeted everyone from conspiracy theorist Alex Jones and CNN to Barack Obama's campaign websites. Internet watchers may remember the name GNAA when the group pranked media outlets during Hurricane Sandy with fake tweets claiming that they were looting evacuated houses. (One fake tweet, for instance, had a member stealing a cat.) As a trolling group, the GNAA has no real defined mission, other than to wreck havoc on the Internet.

In a Twitter DM exchange, GNAA’s Interim Vice President  @Ms_meepsheep told me he or she had uncovered the vulnerability  about a month ago that allowed them to spam this image. The attack itself took about a week of planning which included “a massive phishing scam by sister troll group #dongforce.”

Some outlets have speculated the Tumblr hack is related to the video embed field on Tumblr, but @Ms_meepsheep says it exploits vulnerabilities in “multiple fields, including all mobile post fields.” He or she continued, “Lazy developers, far too incompetent to sanitize input, are the ones to blame. As long as web developers do not care about their users, hackers (or script kiddies depending on point if view) will be there to exploit their errors. Expect more fun from the GNAA in the future. ...”

@Ms_meepsheep claims Tumblr actually knew about these vulnerabilities “damn well in advance,” as  he or she has “emails sent to cloudfare that prove this.” When pressed for more information,  @Ms_meepsheep claims “Tumblr emailed cloudfare over a box that was exploiting this before the final hit today,” before directing me to an Encyclopedia Dramatica article (think Wikipedia for Internet phenomena—and NSFW*) containing an email from Tumblr employee Christopher Price.   

*This post was updated at 2:30 Eastern to note that Encyclopedia Dramatic may be NSFW.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Fruzsina Eördögh is a freelance writer covering digital culture and technology. Follow her on Twitter.


The World

How Canada’s Shooting Tragedies Have Shaped Its Gun Control Politics

Where Ebola Lives Between Outbreaks

Gunman Killed Inside Canadian Parliament; Soldier Shot at National Monument Dies

Sleater-Kinney Was Once America’s Best Rock Band

Can it be again?

Paul Farmer: Up to 90 Percent of Ebola Patients Should Survive

Is he right?


“I’m Not a Scientist” Is No Excuse

Politicians brag about their ignorance while making ignorant decisions.


Driving in Circles

The autonomous Google car may never actually happen.

In Praise of 13th Grade: Why a Fifth Year of High School Is a Great Idea 

PowerPoint Is the Worst, and Now It’s the Latest Way to Hack Into Your Computer

  News & Politics
Oct. 22 2014 9:42 PM Landslide Landrieu Can the Louisiana Democrat use the powers of incumbency to save herself one more time?
Continuously Operating
Oct. 22 2014 2:38 PM Crack Open an Old One A highly unscientific evaluation of Germany’s oldest breweries.
Gentleman Scholar
Oct. 22 2014 5:54 PM May I Offer to Sharpen My Friends’ Knives? Or would that be rude?
  Double X
The XX Factor
Oct. 22 2014 4:27 PM Three Ways Your Text Messages Change After You Get Married
  Slate Plus
Tv Club
Oct. 22 2014 5:27 PM The Slate Walking Dead Podcast A spoiler-filled discussion of Episodes 1 and 2.
Brow Beat
Oct. 22 2014 9:19 PM The Phone Call Is Twenty Minutes of Pitch-Perfect, Wrenching Cinema
Future Tense
Oct. 22 2014 5:33 PM One More Reason Not to Use PowerPoint: It’s The Gateway for a Serious Windows Vulnerability
  Health & Science
Wild Things
Oct. 22 2014 2:42 PM Orcas, Via Drone, for the First Time Ever
Sports Nut
Oct. 20 2014 5:09 PM Keepaway, on Three. Ready—Break! On his record-breaking touchdown pass, Peyton Manning couldn’t even leave the celebration to chance.