Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


Remove Cyber Police Ransomware from Your Phone and Unlock It

stock-mobile-ransomware-sensorstechforumA new Android Lockscreen type of ransomware which belongs to the police impersonator viruses has been detected out in the wild. The questionable Trojan enters through users via suspicious applications or by visiting malicious web links via your phone. What is worse, this malware pretends to catch the user in violation making him pay the hefty fine of $100 USD. All users who have been affected by the ransomware should immediately take out their SIM card from their device and follow the instructions below to successfully get rid of this lock screen malware without any damage to their phone or data.

Name Cyber Police
Type Mobile Ransomware
Short Description Locks the screen of the user’s mobile device, claiming he or she has committed a crime and asking to pay a fine of 100$ for unlocking the device.
Symptoms The user may witness fake Android update after which the locking of his screen with a timer and a scareware message.
Distribution Method Malicious URLs prompting the installation of a malicious “content-gormless.apk” file.
Detection Tool Download Malware Removal Tool, to See If Your System Has Been Affected by Cyber Police
User Experience Join our forum to discuss Cyber Police.

Cyber Police Ransomware – Distribution

The way this ransomware may be spread is via several ways:

  • Socal Media and another type of online spam on websites.
  • Spammed emails that are featuring malicious URLs.

Users believe that the primary method for it to spread is via spam bots such as the My Facebook Video Spam. The way such spam bots work is that they corrupt a certain Facebook profile to send out spam messages with custom URLs carrying the payload:

android spam

After the link has been clicked it may redirect to a page, prompting an update. Regarding Cyber Police ransomware, malware researchers from Symantec Security Response have confirmed that the ransomware displays an Android Update prompt, very similar to the following:

Android-fake-upgrade

Once the user taps on “Activate” or “Install”, the malware may begin the infection process. The malicious package believed to be carrying the payload is reported to be named “content-gormless.apk”.

Cyber Police Ransomware In Detail

Once activated on the computer the ransomware assumes control of the following features:

  • The background.
  • Phone and messaging services.
  • Imaging services.
  • Camera and app access and launch control.

Furthermore, after installation, the app will display itself with an icon, which has the Android logo on a green background and white color.

Not only this but upon activation, the ransomware is also reported to connect to multiple remote hosts which may be its command and control centers:

  • Routstreetcars(.)com
  • girlszendarno(.)com
  • peacemoneybeach(.)com
  • lozengteamsource(.)com
  • grenzmonstreryt(.)com

After an infection, the ransomware has been reported to lock the screen of the user. If the user tries to enter the menu, the lock screen immediately closes it. It is reported to feature a timer along with a scareware message claiming the user has broken the law:

Cyber-crime-lock-screen-ransomware

Not only this, but researchers at YooSecurity Guides report of variants of the Cyber Police lockscreen ransomware to feature the following ransom note on tablets:

mobile-ransomware-sensorstechforum

The ransomware’s activities and demands are simple:

  • To pay a “fine” of approximately 100$ via payment services like Ukash or iTunes Gifts.
  • To steal personal and other sensitive data from the Android device of the user.

In case you have become a victim by this malware, it is strongly advisable to immediately change the passwords of your phone’s Google and other accounts where you have registration.

Remove Cyber Police Ransomware and Fix Your Phone

You have the option to take your phone to a specialist. However, it is rather expensive in terms of time and money. And removing it will not turn out to be that tricky after all. This is why we have designed instructions that you should follow below to help you deal with this ransomware swiftly and for free.

1. Back up the data on your device
2. Hard-reset your device and remove Cyber Police
3. Restore missing or corrupt files using special file restoration software

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.