As with any online service that starts to get popular traction and experiences rapid growth, social network come micro-blog platform Tumblr has been the target of just about every kind of scam and attempted cyber-criminal subversion out there inclduing some of its own making. Most of the time it's not worth reporting on these as they fall into the 'same old, same old' category, and if we did then DaniWeb would be so awash with scam warnings that every other posting would be drowned into obscurity. However, this one is worthy of our attention.

Not least as it seems to be catching a lot of folk out, rather sadly. It's doing this by using that tried and tested methodology of telling a user that there's a way to cheat the system and get something in terms of functionality that The Powers That Be don't want you to have. In this case that something is the ability to post more than 250 times in a single day.

Yep, as Tumble 'power-users' will be all too aware there are limits on the number of posts you can roll, and that daily posting limit would appear to be 250 for the typical user. Even though, in reality, for all but the most prolific poster and the spamming fraternity, 250 is probably quite enough thank you very much; when faced with a limit we all want to break it as that's our nature. And so it is that there has been a spate of people offering a tool to post more than 250 times a day, a browser extension that will remove the limitation completely.

It is, of course, nonsense and will do nothing of the sort. What it will do, according to security researchers at Malwarebytes, is harvest your login data via a keylogger and send encrypted data back to the originator as well as uploading random desktop screen images to a remote host. Go check out the link for more technical detail, and in the meantime don't be fooled by extensions that promise to deliver the undeliverable. Sure, there is going to be software out there that can alter aspects of the UI for social networks within the client browser. But, before downloading anything you should always apply due diligence and go search online for the facts. Don't be an early adopter, instead be a wise old owl who bides their time and lets the wisdom of crowds come to the fore...

Edited by happygeek: unstuck

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

3 Years
Discussion Span
Last Post by HostBrink

Thanks for very useful information focusing tumblr users.... protected yourself from malware ....

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.