Computers at Shanghai Jiaotong University and the Lanxiang Vocational School in China reportedly played a role in the attacks, according to unnamed sources cited in The New York Times.
Lanxiang Vocational School, The New York Times says, was created with funding from the Chinese military and trains computer scientists for the Chinese military. Its network is operated by a company with ties to Baidu, Google's most significant rival in China.
Evidence of the role of the two schools' computers was reportedly presented by a U.S. military contractor at a meeting of security professionals.
If true, the finding adds further weight to the views of security researchers that the attacks came from China.
While computer security experts in the U.S. suspect that the attackers have ties to the Chinese government, no conclusive evidence has been presented that the Chinese government was involved in the attacks. The Chinese government in January emphatically denied any such involvement. It has maintained that it is a frequent victim in cyberattacks.
The prevalence of illegally copied software in China ensures that many systems there are in fact poorly defended. Cybercriminals outside of China do exploit the country's vulnerable infrastructure for their operations.
Some computer security experts contend that the attacks on Google and other companies are routine and ongoing. A report on Thursday that some 2,500 businesses and government organizations had been compromised by a Zeus Trojan variant and turned into botnet zombies was met with yawns by security vendors not involved with the research.
"In the world of cybersecurity the 'kneber' botnet is, unfortunately, just another botnet," said McAfee in an e-mailed statement. "With 75,000 infected machines, Kneber is not even that big, there are much larger botnets." The company says that in the last three months of 2009, just under 4 million computers were compromised and hijacked by botnet malware.