Turns out the alleged hacker is a Chinese "freelance security consultant in his 30s" who had published extracts of his IE6 exploit code as a work in progress. Although this man did not launch any attacks himself, according to The Financial Times, Chinese officials have "special access" to his work and are believed to have picked up the code.
The spyware's launch was recently traced to computers at Shanghai Jiaotong University and Lanxiang Vocational School, the first of which counts former government cyber security experts among its staff. Both institutions have denied involvement in the attacks, of course. The latest findings don't give a definite answer as to who was behind the attacks, but it might put some extra pressure on China to cooperate with the ongoing investigations.