To try to be more efficient, we have to go after these two domains:
xchange[.]cx
stealthex[.]co
They are the new element of the scheme, and for that they have to be overthrown.
They can easily be replaced with other phishing websites just like they removed the eXch phishing site from there. It's the same group that operates the phishing sites and these 'news sites' driving traffic to them. Plus, they are not the focus of this campaign. The xchange and stealthex teams can deal with that if they see fit. xchange seems more willing to do something.