Author who claimed creation of Mac OS X worm receives death threats, kills blog

“The anonymous blogger who claimed to have a Mac OS X worm has vanished, claiming his blog was hacked,” Robert McMillan reports for IDG News Service.

“Just days after claiming to have written a worm that could be used to attack Mac OS X systems, the anonymous blogger known as Infosecsellout has gone quiet,” McMillan reports.

“His (or her or their) blog has been renamed. Old posts have been removed, the blog has been renamed ‘Security Information,’ and Infosecsellout says the blog is finished. Mysteriously, however, there are two new posts on the blog, one of which provides a link to information on the alleged worm,” McMillan reports.

“But they are fake posts, according to Infosecsellout, who said the blog was hacked on Tuesday night and will not be revived,” McMillan reports.

“‘Infosecsellout is now dead,’ the anonymous blogger said in an e-mail message. ‘It was a great experiment to see how the industry could handle some honesty, which they can’t. They are quick to attack the credibility of others in order to hide their own flaws,’” McMillan reports. “Though Infosecsellout provided nothing to back up his claim, the story was widely reported and security researchers began to investigate who may have been behind the blog.”

Full article here.

Greg Keizer reports for Computerworld, “The hubbub started earlier this week, when a researcher responsible for the Information Security Sell Out (InfoSec) blog announced a proof-of-concept worm that exploited a Mac OS X vulnerability which Apple missed in a May round of patches. The vulnerability exploited by the worm was in mDNSResponder, a component of Apple’s Bonjour automatic network configuring service, InfoSec said then.”

“Criticism from Mac users and other security researchers was almost immediate, with the former focusing on crude insults and the latter concentrating on InfoSec’s refusal to identify himself or herself, or prove that the worm existed,” Keizer reports.

“Tuesday night, the InfoSec blog’s title changed to ‘Security Information…’ and all former postings, which began in January, had been deleted. When asked via e-mail Wednesday to explain the changes, InfoSec answered: ‘Blog was hijacked somehow. Also the blog stating I am associated with PHC on another Blog is false and a myth created by Dave Maynor who is involved in the hijacking of the Blog,’” Keizer reports.

“Dave Maynor, a researcher who last year was involved in a very public spat with Apple over a wireless hack demonstration he and a colleague gave at the Black Hat security conference, refused to be drawn into the argument with InfoSec. ‘I am not even going to comment on that stupidity,’ Maynor wrote in an e-mail responding to an offer to rebut or comment on InfoSec’s allegations,” Keizer reports.

Full article here.

MacDailyNews Take: As the worm turns.

74 Comments

  1. I can’t understand, or believe, that a phone number can cause any trouble, the dial feature does not use links that can contain hidden phone numbers, but detects VISIBLE phone numbers in text.

    and, why is he accusing the “industry” ? that just doesn’t sound right.

  2. Anyone who thinks that OS X can’t be hacked is dreaming. Nevertheless, no one is really doing it yet. This jerk-off posted an anonymous claim devoid of substantiating details and wonders why people threw rotten tomatoes. Next.

  3. “On Sunday, however, he may have crossed a line, in reporting that he had been “compensated” for writing a worm that could exploit a variation of a bug in Apple’s Bonjour automatic network configuration service that was initially patched in May.”

    not ethical.

  4. LOL!

    This is hilarious!

    A hacker gets hacked – rofl!

    Looks like there is no honour among thieves – or hackers.

    I assume he pissed off some other hacker, maybe someone who works for the mafia or some other illegal organised crime organisation and they hacked him so they could get his worm data.

    He got what he deserved – play with fire and you are gonna get burned!

  5. What is the point of making a hack that does not work anymore?

    As soon as anyone runs software update then the hack is fixed.

    It seems totally pointless and a waste of time to me writing a hack that has already been fixed.

    If he’s gonna do a hack make sure that it works on the latest version of the OS – or is that too much like common sense?

    O.o

  6. @ lbuschjr, don’t make this “security” person out to be a saint. Remember the vengeful remarks about some people needing to be treated like children and so on. Many potential security threats and other bugs are routinely reported without any fanfare.

    So, yes, another *hole is plugged.

  7. Just where in this article does it say he received “death threats”? He was worried about complications involving his employer finding out. His blog is dead. It never says that he was personally threatened. Just another BS headline guaranteed to capture eyeballs. Not sure I’ll bother visiting this site again.

  8. “It seems totally pointless and a waste of time to me writing a hack that has already been fixed.”

    I suspect many of the exploits out there making money for evildoers are for flaws that are already patched. The point is that not everyone gets the patches.

    The first thing that happens after Microsoft’s “Patch Tuesday” is “Look for Exploits Wednesday”. Hackers look at what the patches are patching, get clued in as to what the problem was and write malware to exploit that problem. Then they sell the exploit to third-parties who want access to people’s PCs (for spamming, to use them in DoS attacks, whatever) and so it goes on.

    As for this P.O.C. worm, my understanding is that it doesn’t target something that’s already fixed. The writer has claimed that it targets problems _similar_ to those that were in the patch mentioned but that remain unpatched.

    I don’t know why he’s written the worm – if he has – and what the “compensation” is for. It doesn’t appear he’s sold it as an attack tool to people looking for CPU cycles for nefarious purposes. And, he says the worm is not “weaponized” (although he says it could be). Moreover, he says he will report to Apple – just not immediately.

    What this smells like is that he’s been paid by some deep-pocketed Windows user envious of Apple’s reputation for delivering secure software to write it just to give Apple bad publicity.

    If so, it’s a pretty mean-minded thing to do. Microsoft _deserved_ all its bad publicity, because, however secure its software is now (and I expect it is so only up to a point) it shipped stuff that leaked like a sieve for years and years. It shipped stand-alone OSes, like Windows 98, that weren’t architecturally suitable for internet use; it shipped email clients that ran scripts; it bound its browser into the OS and allowed it to run dangerous ActiveX controls for anti-competitive reasons despite the obvious dangers; it didn’t turn the firewall on by default until XP SP2; it had too many daemons (Services in MS-speak) running until XP SP2; and so on and so forth. In fact, things had got so bad that Jim Allchin had to tell Gates flat that things could just not go on in the same way.

    Windows users ought to be angry at MS for the casual attitude they’ve taken towards security over the years not envious of Apple users, because they’re not plagued with the problems they suffer from.

    As for Apple users, they _don’t_ believe their OS is “invulnerable” — a ludicrous claim made by Windows fanboys. Everyone knows regular updates are coming through Software Update and that some of those are for security holes. They are aware that Apple has not exposed them in the way Microsoft casually and unforgivably exposed its users over many years. That’s the truth; and if that upsets Windows users with an unhealthy emotional attachment to their abusive vendor, too bad.

  9. Yesterday in my comment on this same subject I offered a bet of 50 bucks that within a week this thing will turn out to be a hoax. Unfortunately I had no takers. (And I was planning on dinner for 2 at Arigato’s…shucks)

  10. Article says: “…security researchers began to investigate who may have been behind the blog.”

    Picture the dog in the “Wizard of Oz” pulling back the curtain to reveal the wimpy, disheveled “wizard.” It’s probably Steve Ballmer behind this worm story. After the iPhone’s success, he’s probably squirming like a worm right now.

  11. @MacMan51:

    The threats were detailed in the article to which MDN placed a link.

    From the article:

    According to InfoSec, some of the comments left earlier included death threats. In a posting — since deleted, more on that below — from Tuesday, InfoSec listed comments he refused to allow to be posted to the blog. Among them:
    – “You are lucky you are anonymous or I would put a bullet in your head for this!” — Anonymous

    – “I dare you to demonstrate this at Defcon you ***** Microsoftie. We will drag you out, put a bullet in you, and bury your body so deep it will take a nuclear blast to find your body.” — Anonymous

  12. @doc, @neomonkey:

    According to the information published about this alleged worm, this would be a vulnerability that has not been addressed by any of Apple’s updates.

    So the claim must be about a different bug related to the mDNSResponder, or the same one if the patch itself was buggy.

    I have a hard time believing any of this. A benevolent hacker (aka security researcher) should not be anonymous, and if he has shared the info with Apple some time ago as he alleges, what is stopping him from publishing it?
