Mac worm hacker vanishes from blogosphere

The anonymous blogger who claimed to have a Mac OS X worm has vanished, claiming his blog was hacked

Just days after claiming to have written a worm that could be used to attack Mac OS X systems, the anonymous blogger known as Infosecsellout has gone quiet.

His (or her or their) blog as been renamed. Old posts have been removed, the blog has been renamed "Security Information," and Infosecsellout says the blog is finished. Mysteriously, however, there are two new posts on the blog, one of which provides a link to information on the alleged worm.

But they are fake posts, according to Infosecsellout, who said the blog was hacked on Tuesday night and will not be revived.

"Infosecsellout is now dead," the anonymous blogger said in an e-mail message. "It was a great experiment to see how the industry could handle some honesty, which they can't. They are quick to attack the credibility of others in order to hide their own flaws."

Since he started blogging last year, Infosecsellout made his share of enemies, offering uncensored and occasionally amusing observations on computer security research and its practitioners. (He once called this reporter a "mindless hack" for reporting flaws in the beta version of Safari 3.0.)

The blogger said he needed to remain anonymous because of his unpopular opinions. "The last thing I want is some cry baby to involve my employer in things that I say on this blog," he wrote in January.

On Sunday, however, he may have crossed a line, in reporting that he had been "compensated" for writing a worm that could exploit a variation of a bug in Apple's Bonjour automatic network configuration service that was initially patched in May. The flaw lies in Bonjour's mDNSResponder, which is used to do things like discover printers or share iTunes files on a local area network, he wrote.

Though Infosecsellout provided nothing to back up his claim, the story was widely reported and security researchers began to investigate who may have been behind the blog.

Metasploit developer HD Moore said that he's "70 percent" sure he knows Infosecsellout's identity, based on a study of his posts and of e-mail messages from known people performed using a writing analysis tool called Unmask.

Moore wouldn't say whom he suspected, but he noted that Infosecsellout's blog vanished soon after he contacted his suspect. Like every other security researcher contacted Wednesday, he didn't buy Infosecsellout's story that the blog had been hacked.

"It seems like someone's getting worried that their cover is getting blown and they're doing cover-up," Moore said. "There's been a lot more attention from folks trying to unmask [Infosecsellout] in the past day or two."

A blogger going by the name of Cutaway, suggested that a hacker known as LMH could be behind the blog, but Moore said that this argument did not seem credible.

Thomas Ptacek, a researcher at Matasano Security, agreed that the blogger was probably not LMH. "My theory right now is that it's more than one person," he said.

In an e-mail message Infosecsellout said that the blog was written by a group of self-employed authors, but that appeared to contradict the blog's January post claiming that the author was worried about his employer being approached.

When asked to explain the apparent contradiction, the blogger said, "Even the self employed have employers that are subject to crybabies."

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Cool Tech

D-Link PowerLine AV2 2000 Gigabit Network Kit

Learn more >

D-Link TAIPAN AC3200 Ultra Wi-Fi Modem Router (DSL-4320L)

Learn more >

Lexar® Professional 1000x microSDHC™/microSDXC™ UHS-II cards

Learn more >

Crucial® BX200 SATA 2.5” 7mm (with 9.5mm adapter) Internal Solid State Drive

Learn more >

ASUS ROG Swift PG279Q – Reign beyond virtual world

Learn more >

Xiro Drone Xplorer V -3 Axis Gimbal & 1080p Full HD 14MP Camera

Learn more >

Gadgets & Things


Learn more >

Lexar Professional 2000x SDHC™/SDXC™ UHS-II cards

Learn more >

Lexar® Professional 1000x microSDHC™/microSDXC™ UHS-II cards

Learn more >

Family Friendly

ASUS VivoPC VM62 - Incredibly Powerful, Unbelievably Small

Learn more >

Lexar Professional 2000x SDHC™/SDXC™ UHS-II cards

Learn more >

Lexar® Professional 1000x microSDHC™/microSDXC™ UHS-II cards

Learn more >

Stocking Stuffer

Lexar Professional 2000x SDHC™/SDXC™ UHS-II cards

Learn more >

Lexar® Professional 1000x microSDHC™/microSDXC™ UHS-II cards

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Best Deals on PC World

Latest News Articles


GGG Evaluation Team

Kathy Cassidy


First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni


For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell


The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi


The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott


My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.


Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?