Many times in the past, a piece of malware developed by one group has been co-opted by another group. You see a virus like Stuxnet or Mirai that's working well, you just replace the payload, or switch the command-and-control code over to yourself. Then you launch an attack, but the weapon has someone else's fingerprints all over it.
As such, even if Xi Jinping himself had stood up at the UN and claimed responsibility for a particular Windows kernel-mode rootkit, that still wouldn't be incontrovertible evidence.
As such, even if Xi Jinping himself had stood up at the UN and claimed responsibility for a particular Windows kernel-mode rootkit, that still wouldn't be incontrovertible evidence.