Cyber trolls hack Tumblr

Auernheimer, aka "weev," a member of GNAA and Goatse Sec, faces a maximum sentence of five years in prison and a fine of up to $250,000 for stealing hundreds of thousands of iPad user credentials from AT&T and passing the information on to Gawker.

Tumblr users affected in the attack have had their feeds replaced with an offensive image urging users to commit suicide, according to the Verve, one of the accounts hacked. 

Graham Cluley at Sophos noted that it appears the worm took advantage of Tumblr's reblogging feature, meaning that anyone who was logged into Tumblr would automatically reblog the infectious post if they visited one of the offending pages. Each affected post had malicious code embedded in it.

Tumblr has vowed a thorough investigation, meanwhile issuing a warning for users: “There is a viral post circulating on Tumblr which begins "Dearest 'Tumblr' users". If you have viewed this post, please log out of all browsers that may be using Tumblr immediately. Our engineers are working to resolve the issue as swiftly as possible. Thank you.”

It may have its work cut out for it. "It shouldn't have been possible for someone to post such malicious JavaScript into a Tumblr post – our assumption is that the attackers managed to skirt around Tumblr's defences by disguising their code through Base 64 encoding and embedding it in a data URI," said Cluley.
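The bypass Cluley describes suggests a filter-side check: decode any data URI found in post markup before deciding whether it is safe. The sketch below is an added example, not Tumblr's or Sophos's code; the function names, attribute list, MIME list and sample post are assumptions constructed for illustration.

```python
import base64
import re
from html.parser import HTMLParser
from urllib.parse import unquote, unquote_to_bytes

URI_ATTRS = {"src", "href", "data", "action", "formaction", "poster"}
# MIME types a browser treats as active (script-capable) content.
ACTIVE_TYPES = {"text/html", "application/xhtml+xml", "image/svg+xml",
                "text/javascript", "application/javascript"}
DATA_URI = re.compile(r"^\s*data:([^,]*),(.*)$", re.I | re.S)
SCRIPT_HINT = re.compile(rb"<\s*script|javascript:|\bon\w+\s*=", re.I)

def inspect_data_uri(value):
    """Return (mime, decoded_bytes) for a data: URI, or None otherwise."""
    m = DATA_URI.match(re.sub(r"[\t\r\n]", "", value))  # browsers drop these
    if not m:
        return None
    params = [p.strip().lower() for p in m.group(1).split(";")]
    mime = params[0] or "text/plain"
    if "base64" in params[1:]:
        body = re.sub(r"\s+", "", unquote(m.group(2)))
        try:
            decoded = base64.b64decode(body + "=" * (-len(body) % 4))
        except ValueError:  # binascii.Error is a ValueError subclass
            decoded = b""   # undecodable payload: judge on MIME type alone
    else:
        decoded = unquote_to_bytes(m.group(2))
    return mime, decoded

class DataUriAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (tag, attribute, mime) per suspicious data: URI
    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            result = inspect_data_uri(value) if name in URI_ATTRS and value else None
            if result and (result[0] in ACTIVE_TYPES or SCRIPT_HINT.search(result[1])):
                self.findings.append((tag, name, result[0]))

def audit_post(html):
    parser = DataUriAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample: an inert script comment in a Base64 data URI, plus a PNG header.
HIDDEN_B64 = base64.b64encode(b"<script>/* constructed placeholder */</script>").decode()
SAMPLE_POST = ('<p>Hello</p><iframe src="data:text/html;base64,%s"></iframe>'
               '<img src="data:image/png;base64,iVBORw0KGgo=">' % HIDDEN_B64)
```

A keyword filter run over the raw markup sees no script tag in `SAMPLE_POST`; `audit_post` reports the iframe because it inspects the declared MIME type and the decoded payload. In production an allowlist that rejects `data:` URIs outright, except for specific image types, is the stronger control.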
