The lack of attribution on this organized and well-financed operation is the most concerning part of this attack, in my opinion. It seems unlikely that any APT would burn ALL of its 0-days for the iOS platform in one campaign, so they likely have more which they can pivot to. Of course there are 3 nation-states who are most likely to be behind this operation, but which one was it? If possible, we should be looking for other victims of this attack using the IOCs discovered at Kaspersky. If we find other instances of this attack on Taiwanese government officials or members of the Uighur population, for instance, that would be a smoking gun for attributing it to one particular nation. Finding traces of this attack on the devices of Ukrainian government officials would point in a different direction. Either way, we need to be able to attribute this attack, and the other victims of this APT might not know to check themselves for indicators. Does anyone here know if there are efforts by cybersecurity researchers to uncover other victims of this attack in vulnerable or potentially targeted communities?