The Feds have cleared malicious web shells from hundreds of vulnerable computers in the U.S. that had been compromised via the now-infamous ProxyLogon vulnerabilities. Microsoft last month warned that the bugs were being actively exploited by the Hafnium advanced persistent threat (APT) The FBI issued a series of commands through the web shells to the affected servers in a court-authorized action. It didn t notify affected organizations ahead of time, but authorities said they re sending out notices now.
Source: https://threatpost.com/fbi-proxylogon-web-shells/165400/