Author who claimed creation of Mac OS X worm receives death threats, kills blog

“The anonymous blogger who claimed to have a Mac OS X worm has vanished, claiming his blog was hacked,” Robert McMillan reports for IDG News Service.

“Just days after claiming to have written a worm that could be used to attack Mac OS X systems, the anonymous blogger known as Infosecsellout has gone quiet,” McMillan reports.

His (or her or their) blog as been renamed. Old posts have been removed, the blog has been renamed ‘Security Information,’ and Infosecsellout says the blog is finished. Mysteriously, however, there are two new posts on the blog, one of which provides a link to information on the alleged worm,” McMillan reports.

“But they are fake posts, according to Infosecsellout, who said the blog was hacked on Tuesday night and will not be revived,” McMillan reports.

“‘Infosecsellout is now dead,’ the anonymous blogger said in an e-mail message. ‘It was a great experiment to see how the industry could handle some honesty, which they can’t. They are quick to attack the credibility of others in order to hide their own flaws,'” McMillan reports. “Though Infosecsellout provided nothing to back up his claim, the story was widely reported and security researchers began to investigate who may have been behind the blog.”

Full article here.

Greg Keizer reports for Computerworld, “The hubbub started earlier this week, when a researcher responsible for the Information Security Sell Out (InfoSec) blog announced a proof-of-concept worm that exploited a Mac OS X vulnerability which Apple missed in a May round of patches. The vulnerability exploited by the worm was in mDNSResponder, a component of Apple’s Bonjour automatic network configuring service, InfoSec said then.”

“Criticism from Mac users and other security researchers was almost immediate, with the former focusing on crude insults and the latter concentrating on InfoSec’s refusal to identify himself or herself, or prove that the worm existed,” Keizer reports.

“Tuesday night, the InfoSec blog’s title changed to ‘Security Information…’ and all former postings, which began in January, had been deleted. When asked via e-mail Wednesday to explain the changes, InfoSec answered: ‘Blog was hijacked somehow. Also the blog stating I am associated with PHC on another Blog is false and a myth created by Dave Maynor who is involved in the hijacking of the Blog,'” Keizer reports.

“Dave Maynor, a researcher who last year was involved in a very public spat with Apple over a wireless hack demonstration he and a colleague gave at the Black Hat security conference, refused to be drawn into the argument with InfoSec. ‘I am not even going to comment on that stupidity,’ Maynor wrote in an e-mail responding to an offer to rebut or comment on InfoSec’s allegations,” Keizer reports.

Full article here.

MacDailyNews Take: As the worm turns.

74 Comments

  1. nothing is fool-proof. there are holes in everything. The secret is fixing it in a day or 2 and having it automatically updated on every mac within 72 hours. Not only does Apple close the holes, it finds other associated with the problem and gets those too. It’s the response that is more important than the actual security issue.

  2. I agree their is no perfectly secure OS, but if you’re going to accuse the most secure OS with the biggest fan base you a) need to no remain anonymous and b) prove that your exploit exists. Otherwise you’re just a troll looking for hits.

  3. Even if he was a faker, the reaction claimed from Mac users, while probably a small fanatical percentage, is pretty disturbing. Posting insults happens on this list happens too often; I can just imagine what happened on this guy’s blog. It’s far too easy for someone to post nasty comments anonymously.

    Unfortunately, the few people like this spoil it for the rest of us who would like to see people like this come forward, if they actually have any information.

    Interesting: MDN Magic Word: “attack”

  4. If there is such a thing as worm in Mac OS, why didn;t he just unleash it in the wild without chit chat. Prove it then maybe i will believe it.

    Anyway one or two worms won’t make me love my mac any less.

  5. and in the next story…..hacker gone mad, releases exploit in the wild!! Then it’ll really be a good soap…..

    i’m just sayin, this stuff’s as made up as the exploit is. I know my macs secure. =) and if not, i got faith  will fix it, in a timely fashion….i hope….

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.