filebox.php webshell

The malware is a PHP webshell – a script, which when installed on a compromised system, presents a sophisticated administration platform allowing the attacker to browse the filesystem of the compromised server, upload, create, edit, download, or delete files.

filebox.php login screen

Today we found a new PHP webshell, which we have not seen before anywhere.

filebox shell login

PHP webshell

This webshell (filebox) look very simple. It’s allow remote control files and upload more files to the server.

filebox webshell

Final words

Websites that using Malware Expert – ModSecurity rules are protected against this webshell execution.

Use Malware Expert – Signatures detect this webshell backdoor from files for FREE!