The title is quite clickbaity I think, because of this:<p>> Occurred no later than August 12, 2011, and wasn't detected for another 17 days<p>which also had a discussion on HN in 2013:<p><i>Who rooted kernel.org servers two years ago?</i> (<a href="https://news.ycombinator.com/item?id=6438326">https://news.ycombinator.com/item?id=6438326</a>) - Sep 2013 (45 comments)<p>The article from ESET is here,<p><i>Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain</i> (<a href="https://www.welivesecurity.com/en/eset-research/ebury-alive-unseen-400k-linux-servers-compromised-cryptotheft-financial-gain/" rel="nofollow">https://www.welivesecurity.com/en/eset-research/ebury-alive-...</a>) - May 2024<p>but the article itself only serves as an introduction to the PDF:<p><a href="https://web-assets.esetstatic.com/wls/en/papers/white-papers/ebury-is-alive-but-unseen.pdf" rel="nofollow">https://web-assets.esetstatic.com/wls/en/papers/white-papers...</a>
> Maintainers reneged on a promise[0] to provide an autopsy of the hack, a decision that has limited the public’s understanding of the incident.<p>[0] <a href="https://arstechnica.com/information-technology/2013/09/who-rooted-kernel-org-servers-two-years-ago-how-did-it-happen-and-why/" rel="nofollow">https://arstechnica.com/information-technology/2013/09/who-r...</a><p>This bit makes it sound like 3-letter agencies were involved?