Cyber Police Ransomware is a malicious application that shows a message saying: “your computer is blocked by cyber police for unlicensed software’s usage.” As the rest of its text says, the malware encrypts user’s files and demands for ransom in exchange for a decryption key. Apparently, the threat can lock a wide range of different file types, including executable files. Therefore, infecting the system with it could cause you a lot of trouble. Naturally, paying the ransom might seem the easiest way to undo the damage, but you should know there are no guarantees the cyber criminals behind Cyber Police Ransomware will keep up with their promises. In other words, no one can stop them from tricking you if they decide not to bother with sending the promised decryption tool. This is why we recommend ignoring the malware’s message and erasing it at once. The recommended deletion steps available below the article are here to help you with this task.
We believe, Cyber Police Ransomware might be distributed via usual channels, such as Spam emails, malicious file-sharing web pages, and so on. After the launch, the malware is supposed to create an executable file called local.exe in the %HOMEDRIVE%\user\Rand123 location. It is essential to mention the threat also creates the folder called Rand123. Besides this data, the ransomware should place an image called ransom.jpg in the %HOMEDRIVE%\user location and a picture named test.jpg on the computer’s C: drive. One of the pictures should be used to replace user’s default Desktop wallpaper, while the other one is probably just an extra copy in case the user decides to remove the wallpaper. Both of the images might carry a message or in other words, a ransom note; we talked about at the beginning of the article.
The ransom note claims Cyber Police Ransomware encrypted all important documents and other user’s files located on the infected computer. Our specialists say this should be true because it looks like the malware can encrypt a wide range of different file types. Also, we noticed the malicious application marks each damaged file with a second extension called .locked, for example, flower.jpg.locked. To restore such data the cyber criminals behind the threat suggest purchasing a decryption key for 100 US dollars. To be more precise, it is said the user should spend this sum on buying Bitcoins and then send them to the provided Bitcoin wallet. After the payment is made, the malicious application’s creators promise to send the promised decryption tool via your email address. The problem is no one can tell if they will do so.
Provided, you do not want to risk your money, we advise you to learn from the experience of users who lost their money while putting up with cyber criminals’ demands and remove the malware instead. According to our researchers, Cyber Police Ransomware can be eliminated manually, or with automatic features, so you can choose the option you prefer most. Users who feel up to the task could follow the steps you can see below the text and get rid of the malicious application manually. Those who choose the second option, should install a reliable antimalware tool and perform a full system scan.
|#||File Name||File Size (Bytes)||File Hash|
|1||test.jpg||348705 bytes||MD5: 4e1c292d273c5f0bf96e26f8e23f2cf1|
|2||adobe.exe||259072 bytes||MD5: 6e7332f56cc478f128332036fbdf480e|
|#||Process Name||Process Filename||Main module size|