In my opinion it's the same guys, behind the first test.
" According to Weaver, a Bitcoin address used in this stress test was used in a previous test orchestrated by Coinwallet.eu. This is particularly damning evidence, although it’s worth noting that Coinwallet.eu publicly announced its previous stress tests, but this one came without warning."
They decided to launch a new test, without prior notification. I did suggest this in a previous thread on this board. If you want to run a stress test, in a real environment, you have to do it without prior notification.
If you give prior notification, the results might be contaminated by people with hidden agendas. {They might attack too, and then influence the results}
Time will tell, who this was and why they did it... but it's costing them a lot of money.