Home Malware Programs Ransomware Police Ransomware Virus

Police Ransomware Virus

Posted: August 15, 2012

As a 'subgenre' of the already-profitable ransomware Trojan industry, Police Ransomware are responsible for an estimate of millions of criminal profit in computer-infecting scams that lock down the afflicted PCs. While Police Ransomware originally limited their usage to the relatively authoritarian state of Russia, modern Police Ransomware are designed for a large range of countries, with a specific focus on economically high-end targets like the United States and Europe. Ransom messages from Police Ransomware differentiate themselves from similar Trojan attacks by pretending to be alerts from actual law enforcement agencies. Since many types of Police Ransomware feature a high degree of nationally-specific details to lend superficial credibility to their attacks, victims often are fooled into believing that they need to pay a legal fee (averaging at anywhere from forty to over a hundred dollars) to regain usage of their computer.

The basic methodology of Police Ransomware is similar to that of any other ransomware Trojan: after gaining access to your computer through surreptitious methods, the Police Ransomware will force a reboot. Upon the reboot, the Police Ransomware then displays a screen-wide pop-up warning that blocks you from using any other part of your computer, including the Windows taskbar, shortcuts or other programs. The pop-up warns you that your PC has been locked due to committal of a common Internet crime – such as looking at specific types of pornography or downloading music. Police Ransomware Trojans claim that paying a fine will restore your PC to normal, although SpywareRemove.com malware research team notes that the majority of Police Ransomware do not respond to any unlock codes and have no way to unlock your computer according to their stated methods.

Of late, Police Ransomware has become so particularly prevalent in Europe, which prompted an Interpol/Europol/Eurojust collaborative meeting in May of 2012 to discuss appropriate official strategies for dealing with Police Ransomware attacks. However, other countries, particularly in the first world, have also been under threat from Police Ransomware attacks, which are localized to each new region – albeit not always with a deft hand. Some common facets of localization that SpywareRemove.com malware experts consider worth mention include:

  • Police Ransomware will make explicit references to law enforcement or investigation agencies for your country. A Police Ransomware Trojan can claim to be sent by the United States FBI, the Bundespolizei of Germany, the Australian Federal Police, Scotland Yards and the Strathclyde Police are all examples of agency names that have been used to cover for Police Ransomware attacks.
  • Official agency logos for the above entities will also be included on a Police Ransomware pop-up. Similarly, other 'official' logos – such as retail chain symbols or national flags – may also be used to give an appearance of Police Ransomware being affiliated or sponsored by various entities.
  • Because Police Ransomware, as criminal software, can't accept legitimate transactions by standardized methods, most forms of Police Ransomware specify one of various particular transactions means that are available at local retailers in the country in question. Paysafecard, Ukash, MoneyPak and even Ultimate Game Card have been used for this purpose.
  • Of course, Police Ransomware will use the appropriate native language for a given country. However, that language may be imperfectly-translated – victims should note spelling errors and unusual grammatical inconsistencies that are indicative of non-native speakers and/or automatic translator programs.
  • Some variants of Police Ransomware will record your webcam input and display the recording in a miniature window within their pop-ups. This gives the impression that law enforcement agencies are monitoring your actions visually.
  • Perhaps most frighteningly for those who aren't aware of the Police Ransomware industry's nature, Police Ransomware pop-ups also have a noted tendency to reference, paraphrase or quote various legal regulations pertaining to the crimes that they claim your PC has been used to commit. Such references are almost invariably followed by threats of extremely high fees or even imprisonment if you fail to comply with the initial ransom request. It should be stressed that no form of Police Ransomware has any legal authority, and you don't face any penalties for ignoring their fake warnings.

Removing Police Ransomware from your computer, like any other type of ransomware, requires that you prevent the Police Ransomware from launching since the Police Ransomware will block you from using other programs. Starting your machine from a USB device or in Safe Mode should be adequate for this purpose, after which your anti-malware software can attend to the Police Ransomware infection.

In many cases, a single type of Trojan can adapt itself to multiple countries by using appropriately-malleable Police Ransomware attacks. SpywareRemove.com malware experts have observed this to take place due to the original attack identifying the victim's location by the IP address (tellingly, most types of Police Ransomware also display your IP address in their pop-up alert). Afterward, the Police Ransomware can load one of several pop-ups, with the specific pop-up chosen to match the region indicated by your IP address.

Many variants of Police Ransomware (also known as Police Trojans) are often referred to as viruses, such as the Ukash Virus family. However, most forms of Police Ransomware don't include any form of built-in self-distribution and require other types of malware to distribute them to new PCs.

Thankfully, most Police Ransomware attacks appear to lean heavily on the ignorance of the PC user to achieve their goals. Unlike other types of ransomware Trojans, Police Ransomware tend to avoid file-damaging encryption attacks – although this is merely a tendency rather than a strict rule. As usual, you should keep yourself informed about the state of Police Ransomware on the Internet, and possess anti-malware software to guard against Police Ransomware-installing attacks, are your best bets for protecting your PC.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Police Ransomware Virus may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Related Posts

One Comment

  • Dima says:

    Well, Pallab I agree that there are many anti-virus softwares which are not upto the mark and some do give false poveiists. But, it depends on lots of things and the reports or websites you've chosen are also good. It was just that I was giving an option, that one can always choose another online scanner and see where exactly there antivirus stands.And as you see the above listed URL, I've always supported that one must have more than 1 layer of protection and so, it is not just one antivirus solution which can give you the best protection.