What is Crypto malware?
Crypto malware refers to a group of viruses that encrypt files to prevent the owner from using them. This type of malware targets any files and shared folders on the network. For Minfos customers this includes the F: and H: drives.
Malware may be found in emails that appear to be from legitimate sources, for example FedEX and banks. These emails may contain subject headers that will entice you to read the email and click links or open attachments.
If you receive an email from an unknown source or you are unsure about the validity of an email, please do not:
- Click links and website advertisements (for example, order confirmation or billing links)
- Open an email attachment, including PDFs, Word files, Text files, PowerPoint files
- Click on a social networking site link
How do I know if my system is infected?
These particular viruses encrypt files on your network that it thinks are valuable and may change the file extension type, e.g. MP3.
Other ways to know that your store has been infected are:
- You cannot open DSE.back.dat
- Your files have been corrupted
- A ransomware message informing that you have been infected
What if my system is infected?
Please contact your hardware vendor. They will recommend a course of action as each infection is unique and the method for dealing with the infection will be different each time.
Minfos Cloud Backup can expedite the process of getting your pharmacy running again after the hardware vendor has cleaned your system. Please contact Minfos Support.
Charges may apply if Minfos is required to assist in restoring your third party backup system. Refer to the Minfos Support Chargeable Work Policy. Please discuss with your manager and with Minfos Support if you require assistance.
Note: If you do not have a preferred hardware vendor, contact Chemist POS Direct on 1300 767 303.
If you suspect Malware is operating at your pharmacy...
- Don't close the Minfos Server Database. Don't close the error dialogues on the Minfos Server Database.
- Check for any normal files that may have been encrypted, like MINFOS.CFG or dseback.dat. You’ll see they have a different or no extension e.g. MINFOS.enc or dseback.mp3 or no extension at all.
- Notify your Hardware Vendor of the infection so they can begin the removal process.
CAUTION: Closing the Minfos Server Database may release the locks it has on the H:\Minfos01\DB folder letting the Malware encrypt those files! Please ensure your Hardware Vendor has cleaned your system before closing your Minfos Server Database.
Would you like to use Minfos Cloud Backup (MCB)?
MCB enables easy system restoration from an offsite copy of Minfos, allowing your store to commence trading sooner. Contact Minfos Support to discuss setting up your pharmacy with MCB.