I took a look at Jia Tan's early behavior, and I found it to be consistent with being "compromised" from the beginning. They had months of contributions on private repos before forking a test library and making superficial changes to it, and then diving headlong into archival libraries. It all looks set up and I see no evidence of an actual person at any point.
I also think it is more difficult to get away with bribing/beating an existing contributor than you suggest, especially since failure means likely exposure.