> This operation was successful in copying and removing those web shells. However, it did not patch any Microsoft Exchange Server zero-day vulnerabilities or search for or remove any additional malware or hacking tools that hacking groups may have placed on victim networks by exploiting the web shells.
So they removed the IOC but left the hole wide open.
This kind of "help" is going to be an incentive to stop doing business with US hosting companies.
You have misunderstood me: I don't want them patching systems; I don't want them touching systems that aren't theirs at all.
It's illegal for a reason. They committed the same crime by removing the web shells as was committed by the person who placed them there. (Who can put them right back.)
So they removed the IOC but left the hole wide open.
This kind of "help" is going to be an incentive to stop doing business with US hosting companies.