I'd suspect there's a disconnect between the group selling/providing the tools, and the group using them.
A webkit 0day could've been delivered via a watering-hole attack or something even just a tiny bit more sophisticated (compromise a trusted contacts social media account, send the link from there) and succeeded.
Whoever put the effort/time/money into developing the exploit chain is likely pissed off it got burnt via such an amateur delivery.
A webkit 0day could've been delivered via a watering-hole attack or something even just a tiny bit more sophisticated (compromise a trusted contacts social media account, send the link from there) and succeeded.
Whoever put the effort/time/money into developing the exploit chain is likely pissed off it got burnt via such an amateur delivery.