The evidence has always been thin despite U.S. intelligence agencies ultimately supporting the claim.

Carr discusses Crowdstrike's history of bad calls, including having to recently rewrite a report on alleged Russian hacking in Ukraine. The Ukrainian government as well as other cybersecurity experts heavily disputed Crowdstrikes[sic] initial claims.

[...] For firms like Crowdstrike, there's no financial downside in pretending to be able to attribute a hack as the nature of cyber makes it hard to prove or disprove an attribution. Additionally, each report serves as marketing material for future clients.