Shared infrastructure, use of same non-public backdoor, same tactics taken once on the box, same watering hole used, hop point includes connections from both Facebook and Apple...
Come on man. Read the Mandiant report on APT1 if you want to get schooled on how to tie groups of hackers together over different campaigns.
