Remove Cyber Police Ransomware from Your Phone and Unlock It - How to, Technology and PC Security Forum |

Remove Cyber Police Ransomware from Your Phone and Unlock It

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

stock-mobile-ransomware-sensorstechforumA new Android Lockscreen type of ransomware which belongs to the police impersonator viruses has been detected out in the wild. The questionable Trojan enters through users via suspicious applications or by visiting malicious web links via your phone. What is worse, this malware pretends to catch the user in violation making him pay the hefty fine of $100 USD. All users who have been affected by the ransomware should immediately take out their SIM card from their device and follow the instructions below to successfully get rid of this lock screen malware without any damage to their phone or data.

NameCyber Police
TypeMobile Ransomware
Short DescriptionLocks the screen of the user’s mobile device, claiming he or she has committed a crime and asking to pay a fine of 100$ for unlocking the device.
SymptomsThe user may witness fake Android update after which the locking of his screen with a timer and a scareware message.
Distribution MethodMalicious URLs prompting the installation of a malicious “content-gormless.apk” file.
Detection ToolDownload Malware Removal Tool, to See If Your System Has Been Affected by Cyber Police
User Experience Join our forum to discuss Cyber Police.
Data Recovery ToolWindows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

Cyber Police Ransomware – Distribution

The way this ransomware may be spread is via several ways:

  • Socal Media and another type of online spam on websites.
  • Spammed emails that are featuring malicious URLs.

Users believe that the primary method for it to spread is via spam bots such as the My Facebook Video Spam. The way such spam bots work is that they corrupt a certain Facebook profile to send out spam messages with custom URLs carrying the payload:

android spam

After the link has been clicked it may redirect to a page, prompting an update. Regarding Cyber Police ransomware, malware researchers from Symantec Security Response have confirmed that the ransomware displays an Android Update prompt, very similar to the following:


Once the user taps on “Activate” or “Install”, the malware may begin the infection process. The malicious package believed to be carrying the payload is reported to be named “content-gormless.apk”.

Cyber Police Ransomware In Detail

Once activated on the computer the ransomware assumes control of the following features:

  • The background.
  • Phone and messaging services.
  • Imaging services.
  • Camera and app access and launch control.

Furthermore, after installation, the app will display itself with an icon, which has the Android logo on a green background and white color.

Not only this but upon activation, the ransomware is also reported to connect to multiple remote hosts which may be its command and control centers:

  • Routstreetcars(.)com
  • girlszendarno(.)com
  • peacemoneybeach(.)com
  • lozengteamsource(.)com
  • grenzmonstreryt(.)com

After an infection, the ransomware has been reported to lock the screen of the user. If the user tries to enter the menu, the lock screen immediately closes it. It is reported to feature a timer along with a scareware message claiming the user has broken the law:


Not only this, but researchers at YooSecurity Guides report of variants of the Cyber Police lockscreen ransomware to feature the following ransom note on tablets:


The ransomware’s activities and demands are simple:

  • To pay a “fine” of approximately 100$ via payment services like Ukash or iTunes Gifts.
  • To steal personal and other sensitive data from the Android device of the user.

In case you have become a victim by this malware, it is strongly advisable to immediately change the passwords of your phone’s Google and other accounts where you have registration.

Remove Cyber Police Ransomware and Fix Your Phone

You have the option to take your phone to a specialist. However, it is rather expensive in terms of time and money. And removing it will not turn out to be that tricky after all. This is why we have designed instructions that you should follow below to help you deal with this ransomware swiftly and for free.

1. Back up the data on your device
2. Hard-reset your device and remove Cyber Police
3. Restore missing or corrupt files using special file restoration software

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share