Cyber Police Ransomware

Cyber Police Ransomware Description

The Cyber Police Ransomware is an encryption ransomware Trojan that was first observed on November 11, 2017. The Cyber Police Ransomware is being delivered to victims through the use of spam email messages with compromised file attachments. These files take the form of Microsoft Word documents with corrupted macro scripts that download and install the Cyber Police Ransomware onto the victim's computer. The Cyber Police Ransomware also may be delivered through social media spam messages and a variety of other methods. It is paramount to take precautions against the Cyber Police Ransomware and similar threats. These infections are designed to take the victims' files hostage, preventing victims from accessing their files, which become inaccessible after the Cyber Police Ransomware encrypts them.

When the 'Police' is the Bad Guy

The Cyber Police Ransomware is based on HiddenTear, an open source ransomware engine that's available on underground forums freely. The Cyber Police Ransomware uses the AES 256 encryption combined with the RSA encryption to make the victim's files inaccessible. The Cyber Police Ransomware brand the files it compromises in its attack with the file extension .'locked,' making it clear which files have been encrypted. The Cyber Police Ransomware will encrypt files that are generated by the user while avoiding the files necessary for Windows to function. This is because the Cyber Police Ransomware and similar threats need the victim's operating system to continue working so that they can deliver a ransom note and extract payment from the victim. Examples of the file types that may be targeted by ransomware attacks like the Cyber Police Ransomware include:

.3gp, .7z, .apk, .avi, .bmp, .cdr, .cer, .chm, .conf, .css, .csv, .dat, .db, .dbf, .djvu, .dbx, .docm, ,doc, .epub, .docx .fb2, .flv, .gif, .gz, .iso .ibooks,.jpeg, .jpg, .key, .mdb .md2, .mdf, .mht, .mobi .mhtm, .mkv, .mov, .mp3, .mp4, .mpg .mpeg, .pict, .pdf, .pps, .pkg, .png, .ppt .pptx, .ppsx, .psd, .rar, .rtf, .scr, .swf, .sav, .tiff, .tif, .tbl, .torrent, .txt, .vsd, .wmv, .xls, .xlsx, .xps, .xml, .ckp, .zip, .java, .py, .asm, .c, .cpp, .cs, .js, .php, .dacpac, .rbw, .rb, .mrg, .dcx, .db3, .sql, .sqlite3, .sqlite, .sqlitedb, .psd, .psp, .pdb, .dxf, .dwg, .drw, .casb, .ccp, .cal, .cmx, .cr2.

The Cyber Police Ransomware's Ransom Note and Ransom Amount

The Cyber Police Ransomware demands a ransom of approximately 100 USD to be paid through Bitcoins, an online currency typically used in these attacks because it provides an anonymous payment method. The Cyber Police Ransomware delivers a ransom note with the following text to the victim's computer:

'YOUR COMPUTER IS BLOCKED BY CYBER POLICE
FOR UNLICENSED SOFTWARE'S USAGE
Your documents, photos, databases and other important files have been encrypted with strong encryption and unique key, generated for this computer. The private decryption key is stored on a secret internet server, and nobody can decrypt your files until you will pay fine and then obtain the private key.
HOW TO PAY
Go to hxxp://www.localbitcoins[.]com and buy Bitcoins worth of 100$ with your favorite payment method. Then through your account, send Bitcoins worth about 100$ to our Bitcoin address: 1NiGZiFPRqGdxB7ZpbcVsRUVqLJ2SjLsuM and indicate your email to receive the private decryption key via your email.'

This ransom note will show up as a pop-up program window on the victim's computer.

Dealing with the Cyber Police Ransomware

The Cyber Police Ransomware shows up on the infected computer running as an executable file named 'adobe.exe.' Unfortunately, once the Cyber Police Ransomware has encrypted the victim's files, they become unrecoverable. The best prevention against attacks like the Cyber Police Ransomware is to use file backups to ensure that files can be recovered if they become compromised as a result of a Cyber Police Ransomware infection.

Do You Suspect Your PC May Be Infected with Cyber Police Ransomware & Other Threats? Scan Your PC with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Cyber Police Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Note: SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. Free Remover allows you to run a one-off scan and receive, subject to a 48-hour waiting period, one remediation and removal. Free Remover subject to promotional details and Special Promotion Terms. To understand our policies, please also review our EULA, Privacy Policy and Threat Assessment Criteria. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

File System Details

Cyber Police Ransomware creates the following file(s):
# File Name Size MD5
1 diradobe.exe 259,072 6e7332f56cc478f128332036fbdf480e

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their PC with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your PC. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.