Wired has an article that says U.S. researchers have identified one of the coders behind the attacks on Google. It appear that he was tracked down using a posting on a hacking forum with code used in the attack, unfortunately it does not provide specifics on any of the details involved. It does mention that he only wrote part of the code involved, again no more details.
In cases like these the coder posting code to forums or mailing list are almost the only way to track code back to anyone specific. Even with that, if the code was posted by a individual it may not be the same one who used it.
The quotes from the researchers in the article hint at them knowing more about what’s going on then is revealed. Information like this is interesting but you really would not want to see anyone fire or worse in the coders case, because it has been released.
The article is here http://www.wired.com/threatlevel/2010/02/us-pinpoints-coder-behind-google-attack/
It does have a link inside to the Financial Times, but you need to register to get it all.