US Arrests Chinese Hacker in Italy for Cyberattacks on American Institutions

• A Chinese national, Xu Zewei, has been arrested in Italy for allegedly leading cyberattacks against U.S. institutions to steal COVID-19 research and policy data
• Prosecutors say he worked under the direction of China’s state security agency and was linked to the global “HAFNIUM” hacking campaign
• Xu faces multiple federal charges and could receive decades in prison if convicted, while his co-accused, Zhang Yu, remains at large

A Chinese national accused of working at the direction of China’s state intelligence agency to infiltrate American networks and steal COVID-19 research has been arrested in Italy on a U.S. warrant.

Xu Zewei, 33, was detained at Milan’s international airport as he arrived on a flight from China, following a sealed indictment filed in Texas in 2023 and recently made public.

Arrested hacker working for Chinese government

Federal prosecutors allege that Xu, alongside 44-year-old Zhang Yu, engaged in a wide-ranging cyberattack campaign between February 2020 and June 2021, orchestrated under the guidance of China’s Ministry of State Security (MSS) and its Shanghai State Security Bureau (SSSB).

Read also

Plot to sack Tinubu in 2027: Ex-SGF Babachir speaks on how APC govs, bigwigs secretly supporting ADC

Their operations included hacking major U.S. institutions, exploiting vulnerabilities in Microsoft Exchange servers, and targeting academic and health research centers during the peak of the COVID-19 pandemic.

Authorities say Xu worked for Shanghai Powerock Network Co. Ltd., a private contractor that allegedly functioned as a front for state-sponsored cyber espionage.

His role reportedly involved compromising networks and providing stolen data directly to MSS handlers.

One notable operation cited in the indictment involved Xu confirming, on February 19, 2020, the breach of a major research university’s systems.

Days later, under SSSB orders, he allegedly extracted emails and data from top virologists working on COVID-19 vaccines and treatment research.

Hacker linked to infamous HAFNIUM campaign

Xu and his co-conspirators are also linked to the now-infamous “HAFNIUM” hacking campaign, where Microsoft Exchange Server vulnerabilities were exploited on a global scale.

U.S. officials say the intrusion affected thousands of systems worldwide, including law firms and policy institutions in Washington, D.C., with hackers searching mailboxes using terms like “Chinese sources,” “MSS,” and “Hong Kong.”

Read also

Jubilation as military bombs terrorists’ enclaves on Borno mountain

Federal officials have described the campaign as reckless and indiscriminate.

“The Southern District of Texas has been waiting years to bring Xu to justice,” said U.S. Attorney Nicholas Ganjei.

“Even if it takes years, we will track hackers down and make them answer for their crimes.”

Xu faces multiple federal charges, including wire fraud, computer fraud, identity theft, and conspiracy. If convicted, he could serve up to 20 years for wire fraud alone, with additional penalties for other charges, including a mandatory two-year sentence for identity theft.

Meanwhile, Zhang remains at large. The FBI is urging anyone with information about his location to contact 1-800-CALL-FBI.

The case is being prosecuted by Assistant U.S. Attorneys S. Mark McIntyre and John Marck, along with officials from the Justice Department’s National Security Division.

Full list of countries whose citizens Trump is deporting

Earlier, Legit.ng reported that the United States had begun a large-scale deportation operation affecting over 1.4 million noncitizens, as the Trump administration moves forward with its immigration crackdown.

Read also

Education minister Alausa hailed as FG partners with Amazon to train Nigerian educators, students

The deportations, targeting individuals with final removal orders, span more than 150 countries, making this one of the most extensive removal efforts in U.S. history.

Source: Legit.ng