Security researchers at McAfee are hot on the trail of a recent post at the Infosecsellout blog that claimed the availability of a proof-of-concept worm for Apple’s Mac OS X system.

The post was available on Sunday, then soon removed, and now alludes to an Apple worm and links to a SecurityFocus vulnerability alert.

Researcher Francois Paget from McAfee posted on the Avert Labs Blog that the story shows Mac with Intel is bound to be a target.

“As we were researching this announcement, we soon discovered that more accurate and interesting information was originally posted – but rapidly removed – on that blog. If you visited it on Sunday, you were able to read a note from the man who claims to be the worm author. His motivations were clearly visible: ‘I wrote this for my own purposes and it will be demonstrated to those who asked me to engage in this work. Yes, I am being compensated for this.’”

Citing the earlier post, Paget said the following:

“In this blog entry, the possible author gives some details about its proof of concept, which could be easily changed to be more malicious.

He said his code uses a non patched variation of the MDNSResponder vulnerability recently fixed by Apple. According to this guy, the worm gives remote root access, compromises its first system, places a text file on the desktop and moves on to attempting to compromise other systems on the same network.”

So, as of this post, there is no PoC Apple worm available, at least not on the Infosecsellout blog. But it is suggested that one could be created to exploit this newly found flaw.

As for what actually happened, an anonymous posted suggested that the blog had been hijacked by another person looking for attention.