Cyber Police Ransomware

Cyber Police ransomware has been making headway on ransomware information channels. It was discovered by Lawrence Abrams and is based on an older ransomware project called HiddenTears.

Cyber Police Ransomware usually targets personal computers and servers rather than organisations.

The attackers’ idea is to pose as a type of cybercrime fighting unit called “Cyber Police.” To break into the victim’s environment, operators use means such as Trojans, fake software update tools, but the most common is still spam email campaigns.

Having access to the environment, attackers take advantage of system vulnerabilities to encrypt the machine’s data using AES encryption. All infected files are renamed with the .locked extension, which makes them completely inaccessible without the decryption key.

After encryption, Cyber Police ransomware changes the desktop wallpaper and then creates a “READ_IT.txt” file.

This step in the process is where the attackers’ sense of impersonating a cybercrime fighting unit is found. The message used in the wallpaper and text file states that the system has been locked down due to the use of unauthorised software and the files have been encrypted.

It further states that a special decryption key is needed to restore the files. To obtain this key the victim would have to pay a $100 fine in Bitcoin.

Unfortunately, this new tactic seems to be quite efficient, as many victims, giving credence to the veracity of the information, paid the said “fine”.

However, today it is possible to recover the data without having to pay any fine or ransom or having the need to use a decryption key.

Recover files encrypted by Cyber Police ransomware

For more than 23 years, Digital Recovery has been helping businesses recover their data. We have accumulated a wealth of knowledge over the years, which has enabled us to become one of the leading ransomware recovery companies.

Our professionals have created innovative and incredibly successful solutions. Today, virtually any infected storage device, including servers, databases, virtual machines, RAID systems and more, can have their data recovered.

Because Digital Recovery recognizes how crucial data preservation is, we have created a tailored Confidentiality Agreement (NDA) for the situation. In addition, we have developed our solutions in accordance with the General Data Protection Regulation (GDPR).

We create unique technologies that speed up the procedure and improve the results to give you a better experience with our services. These solutions are often performed remotely.

Talk to one of our experts and ask for a diagnosis right now.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionised digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery