Webroot® Threat Advisory: Hackers Infecting Computers with Phony Verizon Multimedia Messages

Malicious Files Activated When Consumers Open Spam E-Mail

Boulder, CO – October 15, 2008

Webroot, a leading provider of security solutions for the consumer, enterprise and SMB markets, has detected a new malicious download disguised as a legitimate multimedia message service (MMS).

"We are now seeing hackers use the Verizon Wireless name to send spam e-mails to PC users who unknowingly open a fake MMS which launches a Trojan to drop infected files onto their computers," said Paul Piccard, director of Threat Research, Webroot. "Hackers typically use downloads like this to harvest users' personal information - not to mention soak up significant bandwidth from users' computers."

PC users targeted with this fraudulent spam receive a MMS that, when opened, activates the download of a file called "VerizonMMS.4837192." Once downloaded, the file instantly infects the PC with malware and also establishes connections to external Web sites that infect the computer with additional malware.

"While it's no surprise hackers continue to evolve how they attack PC users, the sheer volume of Verizon Wireless customers who may be deceived by this new threat means its effect may be significant," said Paul Lipman, Webroot's senior vice president and general manager of Consumer Business. "Webroot is committed to helping consumers avoid being compromised by this and any other threat. In addition to identifying and bringing new threats to light, we always advise PC users to have an up-to-date, best-in-class antispyware, antivirus and firewall software in place to secure personal and confidential information."

Webroot recommends several steps to users to prevent this type of malware attack:

  1. Always have a current version of antispyware, antivirus and firewall product; 
  2. Make sure the computer is up to date by always installing the latest Microsoft or Apple security updates;
  3. Never download free products or purchase them from unknown Web sites and vendors, or peer to peer networks;
  4. Download videos and other multimedia files only from known and trusted Web sites or blogs; and
  5. Use a credit card that has sufficient fraud protection when shopping and never use a debit card online.

©2014 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

SOBRE WEBROOT

Webroot® is the market leader in cloud-based, real-time internet threat detection for consumers, businesses and enterprises. We have revolutionized internet security to protect all the ways users connect online. Webroot delivers real-time advanced internet threat protection to customers through its BrightCloud® security intelligence platform, and its SecureAnywhere™ suite of cloud-based security products for endpoints, mobile devices and corporate networks. Mais de 7 milhões de consumidores, 1,5 milhões de utilizadores empresariais e 1,3 milhões de utilizadores móveis encontram-se protegidos pela Webroot. Market-leading security companies, including Cisco, F5 Networks, GateProtect, HP, Microsoft, Palo Alto Networks, Proofpoint, RSA and others choose Webroot to provide advanced Internet threat protection for their products and services. Founded in 1997 and headquartered in Colorado, Webroot is the largest privately held internet Security Company in the United States – operating globally across North America, Europe and the Asia Pacific region. For more information on our products and services, visit www.webroot.com.