Have you looked at the files? They were obviously generated in a Chinese-affiliated development environment, and the interface is designed for Chinese speakers. Which is exactly what they said. They very pointedly DIDN’T say that the malware was written by the Chinese government or one of their affiliates.
It’s also not in the same style as the stuff generated by the various Chinese APT groups, so is likely by some third party with Chinese connections. It’s a very methodical and thorough collection, but it wasn’t discovered via an attack — the researchers stumbled across the test environment. And that’s not something that’s likely to be the case with state actor-related groups.