![](https://lemmy.ml/pictrs/image/280bfb09-56c3-4810-9685-bc7d61d26b13.png)
![](https://lemmy.world/pictrs/image/4271bdc6-5114-4749-a5a9-afbc82a99c78.png)
More specifically, it’s the name used by the attacker. Could well be multiple people, or if it’s one person (still almost certainly state-funded, but the state can fund one person), a fake name nevertheless. We have no info about this person’s real life identity. They used a VPN in Singapore, and some people have looked at the times of the commits to try guess a timezone, though that’s not foolproof as they could’ve just been a nocturnal person, or even tried to schedule commits to happen at a time to suggest they’re in a different timezone, though I think the latter is unlikely and overkill.
I like how simple and fast runit is. And the added security is nice.