Cyber Police Ransomware Description
The Cyber Police Ransomware is an encryption ransomware Trojan that was first observed on November 11, 2017. The Cyber Police Ransomware is being delivered to victims through the use of spam email messages with compromised file attachments. These files take the form of Microsoft Word documents with corrupted macro scripts that download and install the Cyber Police Ransomware onto the victim's computer. The Cyber Police Ransomware also may be delivered through social media spam messages and a variety of other methods. It is paramount to take precautions against the Cyber Police Ransomware and similar threats. These infections are designed to take the victims' files hostage, preventing victims from accessing their files, which become inaccessible after the Cyber Police Ransomware encrypts them.
When the 'Police' is the Bad Guy
The Cyber Police Ransomware is based on HiddenTear, an open source ransomware engine that's available on underground forums freely. The Cyber Police Ransomware uses the AES 256 encryption combined with the RSA encryption to make the victim's files inaccessible. The Cyber Police Ransomware brand the files it compromises in its attack with the file extension .'locked,' making it clear which files have been encrypted. The Cyber Police Ransomware will encrypt files that are generated by the user while avoiding the files necessary for Windows to function. This is because the Cyber Police Ransomware and similar threats need the victim's operating system to continue working so that they can deliver a ransom note and extract payment from the victim. Examples of the file types that may be targeted by ransomware attacks like the Cyber Police Ransomware include:
.3gp, .7z, .apk, .avi, .bmp, .cdr, .cer, .chm, .conf, .css, .csv, .dat, .db, .dbf, .djvu, .dbx, .docm, ,doc, .epub, .docx .fb2, .flv, .gif, .gz, .iso .ibooks,.jpeg, .jpg, .key, .mdb .md2, .mdf, .mht, .mobi .mhtm, .mkv, .mov, .mp3, .mp4, .mpg .mpeg, .pict, .pdf, .pps, .pkg, .png, .ppt .pptx, .ppsx, .psd, .rar, .rtf, .scr, .swf, .sav, .tiff, .tif, .tbl, .torrent, .txt, .vsd, .wmv, .xls, .xlsx, .xps, .xml, .ckp, .zip, .java, .py, .asm, .c, .cpp, .cs, .js, .php, .dacpac, .rbw, .rb, .mrg, .dcx, .db3, .sql, .sqlite3, .sqlite, .sqlitedb, .psd, .psp, .pdb, .dxf, .dwg, .drw, .casb, .ccp, .cal, .cmx, .cr2.
The Cyber Police Ransomware's Ransom Note and Ransom Amount
The Cyber Police Ransomware demands a ransom of approximately 100 USD to be paid through Bitcoins, an online currency typically used in these attacks because it provides an anonymous payment method. The Cyber Police Ransomware delivers a ransom note with the following text to the victim's computer:
'YOUR COMPUTER IS BLOCKED BY CYBER POLICE
FOR UNLICENSED SOFTWARE'S USAGE
Your documents, photos, databases and other important files have been encrypted with strong encryption and unique key, generated for this computer. The private decryption key is stored on a secret internet server, and nobody can decrypt your files until you will pay fine and then obtain the private key.
HOW TO PAY
Go to hxxp://www.localbitcoins[.]com and buy Bitcoins worth of 100$ with your favorite payment method. Then through your account, send Bitcoins worth about 100$ to our Bitcoin address: 1NiGZiFPRqGdxB7ZpbcVsRUVqLJ2SjLsuM and indicate your email to receive the private decryption key via your email.'
This ransom note will show up as a pop-up program window on the victim's computer.
Dealing with the Cyber Police Ransomware
The Cyber Police Ransomware shows up on the infected computer running as an executable file named 'adobe.exe.' Unfortunately, once the Cyber Police Ransomware has encrypted the victim's files, they become unrecoverable. The best prevention against attacks like the Cyber Police Ransomware is to use file backups to ensure that files can be recovered if they become compromised as a result of a Cyber Police Ransomware infection.
Do You Suspect Your PC May Be Infected with Cyber Police Ransomware & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Cyber Police Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
File System Details
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your PC. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.