One of the schools has ties to the Chinese military and to a network company with ties to Google's rival Baidu.
Two Chinese schools have been linked to the cyber attacks on Google and dozens of other companies last year.
Computers at Shanghai Jiaotong University and the Lanxiang Vocational School in China reportedly played a role in the attacks, according to unnamed sources cited in The New York Times.
Lanxiang Vocational School, The New York Timessays, was created with funding from the Chinese military and trains computer scientists for the Chinese military. Its network is operated by a company with ties to Baidu, Google's most significant rival in China.
Evidence of the role of the two schools' computers was reportedly presented by a U.S. military contractor at a meeting of security professionals.
If true, the finding adds further weight to the views of security researchers that the attacks came from China.
While computer security experts in the U.S. suspect that the attackers have ties to the Chinese government, no conclusive evidence has been presented that the Chinese government was involved in the attacks. The Chinese government in January emphatically denied any such involvement. It has maintained that it is a frequent victim in cyberattacks.
The prevalence of illegally copied software in China ensures that many systems there are in fact poorly defended. Cybercriminals outside of China do exploit the country's vulnerable infrastructure for their operations.
Some computer security experts contend that the attacks on Google and other companies are routine and ongoing. A report on Thursday that some 2,500 businesses and government organizations had been compromised by a Zeus Trojan variant and turned into botnet zombies was met with yawns by security vendors not involved with the research.
"In the world of cybersecurity the 'kneber' botnet is, unfortunately, just another botnet," said McAfee in an e-mailed statement. "With 75,000 infected machines, Kneber is not even that big, there are much larger botnets." The company says that in the last three months of 2009, just under 4 million computers were compromised and hijacked by botnet malware.
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.