POLICJA!!! Ransomware

By GoldSparrow in Ransomware

Computer users located in Poland may be targeted by the POLICJA!!! Ransomware, an encryption ransomware Trojan. The POLICJA!!! Ransomware is an adaptation of the JigSaw Ransomware, a known ransomware family with multiple variants. The POLICJA!!! Ransomware attacks specifically target computer users located in Poland and have been taking place since July 2018. The POLICJA!!! Ransomware follows the pattern set by the so-called police ransomware Trojans, which impersonate law enforcement when attacking their victims.

How the POLICJA!!! Ransomware Trojan Attack Works

The POLICJA!!! Ransomware uses a powerful encryption algorithm, AES, to make the victim's files inaccessible. It targets a wide variety of user-generated files and then adds the file extension '.##___POLICJA!!!___TEN_PLIK_ZOSTA' to the end of each affected file's name. Examples of the files that threats like the POLICJA!!! Ransomware target in their attacks include:

.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.

After encrypting and renaming the victim's files, the POLICJA!!! Ransomware shows a ransom note in the form of an HTA application that displays a window with a message on the infected computer. The message displayed by the POLICJA!!! Ransomware's ransom note, translated from Polish, reads:

'WARNING WARNING!!! Here is the provincial police headquarters, the cybersecurity department,
Our system monitoring network security has once again detected the massive proliferation of malicious software or pornographic content involving minors !!!
In Polish law, these are severe crimes for which you are in danger of imprisonment up to 12 years !!! We are aware of the fact that personal files may be necessary for you at any time, which is why we give you a 100% guarantee of unlocking them, but only after paying a fine in BTC (BITCOIN) for the Foundation ** Polsat **!!!
If you do not make the payment within 3 days, all blocked files will be permanently deleted from the disk. Do not turn off the computer before making the payment, because then automatically 1000 files are permanently deleted !!!
It's time to decide... Please send at least $997 to the BTC wallet below:
[random characters]'

Dealing with the POLICJA!!! Ransomware

If your files have been compromised by attacks like the POLICJA!!! Ransomware, it is recommended that the threat be removed with a security program and that the files affected by the POLICJA!!! Ransomware be replaced with backup copies. This is why it is so important to keep file backups on external storage. File backups, combined with strong security software and measures, can prevent most attacks similar to the POLICJA!!! Ransomware and keep your files safe from becoming encrypted and inaccessible. It is also recommended to refrain from paying the ransom demanded by the POLICJA!!! Ransomware.
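
To scope the restore from backups, the following added example (not part of the original page) inventories files that carry the appended extension quoted above and recovers their original names. The function names are hypothetical, and the directory tree built in `demo()` is constructed sample data.

```python
import os
import tempfile
from collections import Counter

# Appended extension exactly as quoted on this page.
MARKER = ".##___POLICJA!!!___TEN_PLIK_ZOSTA"

def original_name(filename):
    """Return the pre-encryption name if filename carries the marker, else None."""
    idx = filename.find(MARKER)
    # idx > 0: the marker must follow a non-empty original name.
    return filename[:idx] if idx > 0 else None

def inventory(root):
    """Walk root and return sorted (encrypted_path, original_path) pairs."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            orig = original_name(name)
            if orig is not None:
                hits.append((os.path.join(dirpath, name),
                             os.path.join(dirpath, orig)))
    return sorted(hits)

def summarize(hits, root):
    """Count affected files per directory (relative to root) and per original extension."""
    by_dir = Counter(os.path.relpath(os.path.dirname(enc), root) for enc, _ in hits)
    by_ext = Counter(os.path.splitext(orig)[1].lower() or "(none)" for _, orig in hits)
    return by_dir, by_ext

def demo():
    """Build a constructed directory tree and run the inventory over it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "docs"))
        for rel in ("docs/report.docx" + MARKER, "docs/budget.xlsx" + MARKER,
                    "photo.jpg" + MARKER, "docs/untouched.txt"):
            open(os.path.join(root, rel), "w").close()
        hits = inventory(root)
        by_dir, by_ext = summarize(hits, root)
        # Original paths are the list of files to pull from backup.
        return [os.path.relpath(o, root) for _, o in hits], dict(by_dir), dict(by_ext)

if __name__ == "__main__":
    restore, by_dir, by_ext = demo()
    print("restore from backup:", restore)
    print("affected per directory:", by_dir)
    print("affected per original extension:", by_ext)
```

Run `inventory()` against a read-only mount or a forensic copy of the affected volume, so the triage does not alter the evidence.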


