DragonSpark does not appear to have any notable ties to other Chinese based threat actors. Based on the attacks that the group is carrying out, especially in regards to the locations of the victims as well as the choice of tools primarily developed by Chinese authors, researchers are fairly certain that the group has ties to China. It highly recommended that companies that either have ties to Eastern Asia or do a lot of business in that region should ensure they are doing their best to secure MySQL databases as those are the main intrusion vector by the group.
https://www.bleepingcomputer.com/news/security/hackers-use-golang-source-code-interpreter-to-evade-detection/
https://www.sentinelone.com/labs/dragonspark-attacks-evade-detection-with-sparkrat-and-golang-source-code-interpretation/
