Webroot® Threat Advisory: Hackers Infecting Computers with Phony Verizon Multimedia Messages

Malicious Files Activated When Consumers Open Spam E-Mail

Boulder, Colo., October 15, 2008

Webroot, a leading provider of security solutions for the consumer, enterprise and SMB markets, has detected a new malicious download disguised as a legitimate multimedia message service (MMS).

“We are now seeing hackers use the Verizon Wireless name to send spam e-mails to PC users who unknowingly open a fake MMS which launches a Trojan to drop infected files onto their computers,” said Paul Piccard, director of Threat Research, Webroot. “Hackers typically use downloads like this to harvest users’ personal information – not to mention soak up significant bandwidth from users’ computers.”

PC users targeted with this fraudulent spam receive a MMS that, when opened, activates the download of a file called “VerizonMMS.4837192.” Once downloaded, the file instantly infects the PC with malware and also establishes connections to external Web sites that infect the computer with additional malware.

“While it’s no surprise hackers continue to evolve how they attack PC users, the sheer volume of Verizon Wireless customers who may be deceived by this new threat means its effect may be significant,” said Paul Lipman, Webroot’s senior vice president and general manager of Consumer Business. “Webroot is committed to helping consumers avoid being compromised by this and any other threat. In addition to identifying and bringing new threats to light, we always advise PC users to have an up-to-date, best-in-class antispyware, antivirus and firewall software in place to secure personal and confidential information.”

Webroot recommends several steps to users to prevent this type of malware attack:

1. Always have a current version of antispyware, antivirus and firewall product; 
2. Make sure the computer is up to date by always installing the latest Microsoft or Apple security updates;
3. Never download free products or purchase them from unknown Web sites and vendors, or peer to peer networks;
4. Download videos and other multimedia files only from known and trusted Web sites or blogs; and
5. Use a credit card that has sufficient fraud protection when shopping and never use a debit card online.

For more information on being protected online, go to: http://www.webroot.co.uk/En_GB/csc.html

ABOUT WEBROOT

Webroot is bringing the power of software-as-a-service (SaaS) to Internet security with its suite of Webroot® SecureAnywhere™ offerings for consumers and businesses. Webroot also offers security intelligence solutions to organizations focused on cyber-security, such as Palo Alto Networks, F5, Corero, Juniper, and others. Founded in 1997 and headquartered in Colorado, Webroot is the largest privately held Internet security organization based in the United States. For more information, visit http://www.webroot.com or call 800.772.9383. Read the Webroot Threat Blog: http://blog.webroot.com. Follow Webroot on Twitter: http://twitter.com/webroot.

©2013 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

Press Room

• Reviews and Awards
• Media Resources
  • Image Gallery
  • Reviewer Information Kit
• In the News
• Press Releases
• Press Inquiries