Cyber Police Ransomware

Cyber Police Ransomware Description

Type: Ransomware

The Cyber Police Ransomware is an encryption ransomware Trojan that was first observed on November 11, 2017. The Cyber Police Ransomware is being delivered to victims through the use of spam email messages with compromised file attachments. These files take the form of Microsoft Word documents with corrupted macro scripts that download and install the Cyber Police Ransomware onto the victim's computer. The Cyber Police Ransomware also may be delivered through social media spam messages and a variety of other methods. It is paramount to take precautions against the Cyber Police Ransomware and similar threats. These infections are designed to take the victims' files hostage, preventing victims from accessing their files, which become inaccessible after the Cyber Police Ransomware encrypts them.

When the 'Police' is the Bad Guy

The Cyber Police Ransomware is based on HiddenTear, an open source ransomware engine that's available on underground forums freely. The Cyber Police Ransomware uses the AES 256 encryption combined with the RSA encryption to make the victim's files inaccessible. The Cyber Police Ransomware brand the files it compromises in its attack with the file extension .'locked,' making it clear which files have been encrypted. The Cyber Police Ransomware will encrypt files that are generated by the user while avoiding the files necessary for Windows to function. This is because the Cyber Police Ransomware and similar threats need the victim's operating system to continue working so that they can deliver a ransom note and extract payment from the victim. Examples of the file types that may be targeted by ransomware attacks like the Cyber Police Ransomware include:

.3gp, .7z, .apk, .avi, .bmp, .cdr, .cer, .chm, .conf, .css, .csv, .dat, .db, .dbf, .djvu, .dbx, .docm, ,doc, .epub, .docx .fb2, .flv, .gif, .gz, .iso .ibooks,.jpeg, .jpg, .key, .mdb .md2, .mdf, .mht, .mobi .mhtm, .mkv, .mov, .mp3, .mp4, .mpg .mpeg, .pict, .pdf, .pps, .pkg, .png, .ppt .pptx, .ppsx, .psd, .rar, .rtf, .scr, .swf, .sav, .tiff, .tif, .tbl, .torrent, .txt, .vsd, .wmv, .xls, .xlsx, .xps, .xml, .ckp, .zip, .java, .py, .asm, .c, .cpp, .cs, .js, .php, .dacpac, .rbw, .rb, .mrg, .dcx, .db3, .sql, .sqlite3, .sqlite, .sqlitedb, .psd, .psp, .pdb, .dxf, .dwg, .drw, .casb, .ccp, .cal, .cmx, .cr2.

The Cyber Police Ransomware's Ransom Note and Ransom Amount

The Cyber Police Ransomware demands a ransom of approximately 100 USD to be paid through Bitcoins, an online currency typically used in these attacks because it provides an anonymous payment method. The Cyber Police Ransomware delivers a ransom note with the following text to the victim's computer:

Your documents, photos, databases and other important files have been encrypted with strong encryption and unique key, generated for this computer. The private decryption key is stored on a secret internet server, and nobody can decrypt your files until you will pay fine and then obtain the private key.
Go to hxxp://www.localbitcoins[.]com and buy Bitcoins worth of 100$ with your favorite payment method. Then through your account, send Bitcoins worth about 100$ to our Bitcoin address: 1NiGZiFPRqGdxB7ZpbcVsRUVqLJ2SjLsuM and indicate your email to receive the private decryption key via your email.'

This ransom note will show up as a pop-up program window on the victim's computer.

Dealing with the Cyber Police Ransomware

The Cyber Police Ransomware shows up on the infected computer running as an executable file named 'adobe.exe.' Unfortunately, once the Cyber Police Ransomware has encrypted the victim's files, they become unrecoverable. The best prevention against attacks like the Cyber Police Ransomware is to use file backups to ensure that files can be recovered if they become compromised as a result of a Cyber Police Ransomware infection.

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.