The code would direct users to a login page if they were not logged into Tumblr at the time, but if they were logged in, it would reblog the message in the user's account. As the message contained the malicious code, the worm was spread through the reblogging. As an extra factor for confusion, on leaving the page, it was possible that the malicious code would display a dialog claiming Tumblr would be down for maintenance for several hours.TheHSecurity
Tumblr Trojan Trouble
The Tumblr microblogging platform was the victim of a worm that reblogs unpleasant messages from the writer(s) of the malware. While the initial outbreak has since been tamped down, allegedly the underlying issue allowing the outbreak has not yet been addressed.