According to the latest information made public by Wang Minghua, an operator with the National Computer Network Emergency Response Coordination Centre of China (CNCERT/CC), the attack seems to have been tied to by a single, amateur hacker from Qingdao in the Shandong province.
The attack was not made on purpose, he says, as the hacker was looking to DDoS a game server and has attack government servers by mistake. The authorities managed to track him down because he mounted the attack from his own IP address.
But, as South China Morning Post notes, it's still possible that this suspect is not the actual attacker.
In fact, not two weeks ago, an official statement from the authorities identified the attackers as a group of hackers with commercial interests who used a large botnet to mount the attack.
Why the sudden change of stance? It's difficult to say. But a Shangai-based cybersecurity expert said he had his doubts about the "lone hacker" theory, saying that the attack was simply too expensive to launch for random, amateur hackers.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.