Anti-Malware Research

Police Ransomware Trojan Morphs, Spreads

The Trojan.Icepol e-threat (that we’ve covered here before) is still alive and very much kicking. In fact, according to Bitdefender antimalware researcher Razvan Benchea, its developers are kicking out version after version, at rapid pace, in a (somewhat misguided) attempt to stay ahead of antivirus solutions.

Bitdefender is keeping pace though, so (courtesy of the same Razvan Benchea), here’s a chart of the evolution of the number of detected instances of the various Trojan.Icepol variants found in the past two months or so: Icepol 0203to0404



Yep. It’s going up. If you’ve received a threatening e-mail purporting to come from the police in your country, it’s probably time to download the removal tool: Trojan.Ransom.Icepol (54399 downloads)

About the author



Razvan Stoica is a journalist turned teacher turned publicist and technology evangelist. When Bitdefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking. Razvan Stoica started off writing for a science monthly and was the chief editor of a science fiction magazine for a short while before moving on to the University of Medicine in Bucharest where he lectured on the English language. Recruited by Bitdefender in 2004 to add zest to the company's online presence, he has fulfilled a bevy of roles within the company since. In his current position, he is primarily responsible for the communications and community-building efforts of the Bitdefender research and technology development arm.


Click here to post a comment
  • I’ve gotten that too. I’ve NO idea how cops would get my e-mail addresses. It makes no sense. The e-mails USUALLY give me tornado warnings and things of that nature. I’ve got eyes and a TV and don’t need police interfering with my computer. Actually, I don’t need them at all. On Feb. 6th, 2010 local police beat and crippled me for ABSOLUTELY NO REASON in my own living room (actually, it stems from an ex who had/has ties to police and when we broke up he turned into a complete monster). In any event, I wondered for the longest time why they’d be sending me weather status, etc., in my e-mail accounts. I never could figure out how they even got my various e-mail account addresses or for that matter, WHY? Why would they assume I’m going to run to the computer to read my e-mail if a tornado is ready to blow my house over? No I know it’s B.S. Well, I don’t think I’m going to call them to report it as they’ve crippled me by smashing my right arm which I’ve gone through six surgeries over and have an arm full of titanium and steel. I think I’ll just preserve my left arm. I guess I’ll run the removal tool just in case my new BitDefender Total Security hasn’t gotten rid of it. I take NO chances since I was last compromised with a virus that literally ATE hardware components in three computers. BitDefender Total Security probably does kill all these things off BUT I want to make sure so I’m going to run the tool.

  • Tried to run the BitDefender tool, but no luck here! Strange thing is, I cannot start the system in Safe Mode. It just shuts down when I try that. Is that the virus at work, or me doing something wrong?

  • I’ve removed many Police Ransomware trojans but they keep getting nastier and harder to remove from any system.

  • Hi,

    I have got the same issue Robert has, whenever I startup in Safe mode, the computer shuts down directly en reboots hence I’m not able to run the USB stick.

    Other options?

  • Only affects specifics users not all. If user A was infected then you have still access to your computer using user B for instance.

    I opened a case today let’s see how much time it takes to fix this problem. Tool does not work at all!!!!

  • In my pc I removed the virus with an usb stick with Bitdefender in five seconds just by following the instructions from Bitdefender.