Phony Verizon MMS Files Harbor Trojans | eWeek

Phony Verizon MMS Files Harbor Trojans

Written By
Matthew Hines
Matthew Hines
Oct 15, 2008
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Security researchers are warning of a new malware campaign through which Trojan threats are being advertised under the guise of Verizon MMS messages.

As first reported by Webroot, Verizon’s popularity and broad customer base are being leveraged by attackers to direct the infected messages to people who subscribe to its services or communicate regularly with others who do so.

The attacks are being spammed out to scads of end users with the MMS file attached, and once someone opens the infected document they are hit with a file named “VerizonMMS.4837192” which not only drops a Trojan on their machines but also seeks to establish a connection with external URLs that attempt to download additional malware.

“We are now seeing hackers use the Verizon Wireless name to send spam e-mails to PC users who unknowingly open a fake MMS which launches a Trojan to drop infected files onto their computers,” said Paul (“The Captain“) Piccard, director of Threat Research at Webroot. “Hackers typically use downloads like this to harvest users’ personal information — not to mention soak up significant bandwidth from users’ computers.”

While the attacks aren’t particularly complex, the sheer volume of the related spam being monitored by Webroot makes the campaign worth noting, researchers said.

Corrupt MMS files have been used to spirit malware onto end users’ machines for almost as long as they’ve been around. The new campaign is clearly just the bad guys coming back around to the platform, as they are wont to do, since other things, like fake AV programs, have been in higher circulation of late.

What will be interesting is if we see the activity cross over to mobile devices, as it’s been proven before that you can use infected MMS files to crash Windows Mobile devices.

Suffice to say, don’t open any Verizon MMS messages unless you’re really really sure where they’ve come from.

Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.