However, the attackers apparently check their victims beforehand and then decide whether another attack is worthwhile. The campaign is apparently not primarily about taking money out of the pockets of those affected. For this reason and because of the complexity, the researchers assume that the attackers are not simple criminals, but act on behalf of state organizations. However, the background has not yet been finally clarified.
Black Lotus Labs researchers believe the campaign is a result of the COVID-19 pandemic and related home office work. Private routers have therefore also come under the scrutiny of those who are actually targeting companies.