Hi Pernaman & Eddy,
There are always sub-domain holders that try to abuse. But there are always two parties involved to tango, and from this scan you can see tumblr dot com is also at fault with dns errors and blacklisting warnings:
http://mxtoolbox.com/domain/viktori6xhazov.tumblr.com/ so it is also their sloppy hosting and IT-management causing this and not only the miscreants. Also see:
http://www.dnsinspect.com/tumblr.com/1449501846
- name servers without AAAA records.
- WARNING: Name servers software versions are exposed.
- WARNING: We found different serial numbers on your name servers, it's OK if you had modified your zone recently.
So sub-domain zone-transfers are taking place, so it's a free-for-all like in the wild wild west.
- WARNING: Primary name server ns0.dnsmadeeasy.com. listed in SOA Record is not found at the parent name servers. The MNAME field defines the Primary Master name server for the zone, this name server should be found in your NS records.
- WARNING: MX records duplicates (same IP address):
So markmonitor aka google should inspect what sub-domains they are allowing:
http://whois.domaintools.com/tumblr.com
They should keep an eye on what goes on on IP 66.6.41.30, for instance, with 69 other sites hosted on this server.
Now you see how the conditions for this abuse arose, and action comes when abuse has already been going on for quite some time. I do not see any pro-active hosting here. The drawbacks of bulk-hosting, my friends.
polonus (volunteer website security analyst and website error-hunter)
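
The zone-consistency warnings quoted in the post above (different SOA serials, MNAME missing from the NS set, name servers without AAAA, MX hosts sharing an IP) can be checked with a short audit like the following. This is an added example, not part of the original post and not dnsinspect's code; the zone snapshot is constructed, and every host name and address in it except ns0.dnsmadeeasy.com is a hypothetical placeholder.

```python
from collections import defaultdict

# Constructed snapshot (not real tumblr.com data), as if gathered by querying each NS directly.
ZONE = {
    "ns_records": ["ns1.example.net.", "ns2.example.net."],
    "soa_by_server": {  # SOA answer returned by each authoritative server
        "ns1.example.net.": {"mname": "ns0.dnsmadeeasy.com.", "serial": 2015120701},
        "ns2.example.net.": {"mname": "ns0.dnsmadeeasy.com.", "serial": 2015120603},
    },
    "addresses": {  # A / AAAA records per host (documentation address ranges)
        "ns1.example.net.": {"A": ["192.0.2.1"], "AAAA": []},
        "ns2.example.net.": {"A": ["192.0.2.2"], "AAAA": ["2001:db8::2"]},
        "mx1.example.net.": {"A": ["192.0.2.25"], "AAAA": []},
        "mx2.example.net.": {"A": ["192.0.2.25"], "AAAA": []},
    },
    "mx_records": ["mx1.example.net.", "mx2.example.net."],
}

def norm(name):  # DNS names are case-insensitive; compare as lowercase FQDNs
    return name.lower().rstrip(".") + "."

def audit_zone(zone):
    """Return a list of (code, detail) findings for one zone snapshot."""
    findings = []
    ns_set = {norm(n) for n in zone["ns_records"]}
    addrs = {norm(h): v for h, v in zone["addresses"].items()}
    # 1. Different serials across authoritative servers (unsynced or recently edited zone).
    serials = {norm(s): soa["serial"] for s, soa in zone["soa_by_server"].items()}
    if len(set(serials.values())) > 1:
        findings.append(("SOA_SERIAL_MISMATCH", str(sorted(serials.items()))))
    # 2. The SOA MNAME should be one of the published NS hosts.
    for mname in sorted({norm(s["mname"]) for s in zone["soa_by_server"].values()}):
        if mname not in ns_set:
            findings.append(("MNAME_NOT_IN_NS", mname))
    # 3. Name servers with no AAAA record (reachable over IPv4 only).
    for ns in sorted(ns_set):
        if not addrs.get(ns, {}).get("AAAA"):
            findings.append(("NS_NO_AAAA", ns))
    # 4. MX hosts resolving to the same address give no real redundancy.
    by_ip = defaultdict(set)
    for mx in zone["mx_records"]:
        for ip in addrs.get(norm(mx), {}).get("A", []):
            by_ip[ip].add(norm(mx))
    for ip, hosts in sorted(by_ip.items()):
        if len(hosts) > 1:
            findings.append(("MX_DUPLICATE_IP", f"{ip}: {', '.join(sorted(hosts))}"))
    return findings

if __name__ == "__main__":
    print("\n".join(f"WARNING {c}: {d}" for c, d in audit_zone(ZONE)))
```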