The malware is a PHP webshell – a script, which when installed on a compromised system, presents a sophisticated administration platform allowing the attacker to browse the filesystem of the compromised server, upload, create, edit, download, or delete files.
filebox.php login screen
Today we found a new PHP webshell, which we have not seen before anywhere.
This webshell (filebox) look very simple. It’s allow remote control files and upload more files to the server.
Websites that using Malware Expert – ModSecurity rules are protected against this webshell execution.
Use Malware Expert – Signatures detect this webshell backdoor from files for FREE!