Remember the guy which created Silk Road. People talked about him in mythical terms, that he probably has the op-sec of God, but afterwards facts pointed to major mistakes, like connecting identities to his real name, and suddenly everybody was like "how can he be so stupid, doing this while being the owner of a $100 mil criminal empire"
It's a classic asymmetry: the defender needs to defend all the time, the hacker just needs to get in once. Ditto op-sec, the hacker needs to keep their identity protected at all times, the security services only need to connect the dots once.
Yet as far as I remember he leaked his identify long before anyone even knew Silk Road is even a thing. And someone behind this botnet certainly knew what scale it's going to have before they started it.
