It is not clear who ordered or coordinated the attacks. The Chinese government has denied involvement.
The developers of the code, who took advantage of a vulnerability in systems using Internet Explorer 6, include students who “hack for prestige,” said one source, whose firm is among several investigating the attacks. He said investigators have narrowed the list of hackers to about six individuals but declined to divulge their names.
The code developers did not execute the attack or “nose around” in the networks of Google or other companies, he said. “They’re out in the open with it, passing the code back and forth to one another on open source hacker forums,” in some cases with their “hacker handles” attached, he said.
None of the handful of code developers involved in the Internet Explorer part of the attack — there could be other code developers involved — is a graduate of the two Chinese schools, though they have links to them through people they are working with, the source said.