“The incident began from June 2025. Multiple independent security researchers have assessed that the threat actor is likely a Chinese state-sponsored group, which would explain the highly selective targeting observed during the campaign.”
How do they know it was a Chinese group or even a state sponsored one?
They said "likely", so they don't "know." Yours is the wrong question.
The "likely" does give the impression that they have a pretty good idea.
Perhaps it's "...because that would explain..."?
By analyzing payloads / C2 address, etc...
Yeah because a state level actor would be completely incapable of false attribution.
> Chinese group
our enemy. It must be Chinese, North Korean or Russian.
> state sponsored one
"our software/our provider is so good that only a state actor can compromise us" (see Microsoft's AD keys hack for details)
When you want to spread jingoist paranoia you can just make stuff up and claim any critique is from said actors.