Comment by subscribed

And how would blocking the devs ability to sign the new version stop the spread of the already downloaded and still available old version?

I think you forgot we're talking about the kernel drivers specifically - normal scammers don't need that, they use AnyConnect downloaded from Chrome.

I think you also forgot to read it all and missed that it was supposedly some deanonymisation (ID verification) process that kicked it off, and missed that the dev has immediately verified themselves but then we're told they need to wait 2 months to wait.

Because.

It's not an automated process at this point.