Xu Zewei, an alleged civilian contractor acting as a proxy for the Chinese Ministry of State Security, has been extradited from Italy to the United States to face federal hacking charges. Arrested in Italy last year at the request of U.S. authorities, Xu was transferred to American custody over the weekend and is currently held at the Federal Detention Center in Houston, Texas. Following his initial appearance in federal court, he was remanded back into custody. If convicted of the espionage and hacking charges outlined by the U.S. Justice Department, he faces over a decade in federal prison.
Federal prosecutors allege that Xu and a co-conspirator, Zhang Yu, engaged in a multi — year cyberespionage campaign targeting critical American institutions. In early 2020, the duo allegedly focused their efforts on several U.S. universities to steal sensitive research related to the COVID-19 pandemic. By March 2021, their focus shifted to a massive, indiscriminate campaign exploiting previously undiscovered security flaws in Microsoft Exchange email servers. Operating under the umbrella of a Chinese state — backed hacking collective known to enterprise security researchers as Hafnium, and later Silk Typhoon, the operatives executed one of the most widespread network intrusions in recent history.
The scale of the Microsoft Exchange server compromise was staggering, with prosecutors stating that Hafnium hackers targeted more than 60,000 entities across the United States. They successfully breached over 12,700 of those organizations. The victimized entities spanned multiple highly sensitive sectors, including defense contractors, law firms, policy think tanks, and infectious disease researchers. Court records indicate that Xu utilized the Shanghai Powerock Network as a front company to obfuscate his malicious activities. According to the indictment, Xu and his fellow hackers reported their operations directly to Chinese state officials in Shanghai rather than operating as traditional intelligence officers.
The extradition has predictably ignited diplomatic friction between Washington and Beijing. While the Chinese Embassy in Washington did not respond to requests for comment regarding the newly announced extradition, reports indicate the Chinese Foreign Ministry strongly opposed Xu's transfer from Italy, accusing the U.S. government of fabricating the cases against him. Meanwhile, in the United States, Xu's legal defense is moving forward. His Italian lawyer, Simona Candido, confirmed his transfer, while his U.S.-based attorney, Dan Cogdell, appeared for the initial Houston court hearing after being notified of the proceedings earlier the same day.
The successful extraction of a Chinese state — linked operative from a European ally underscores escalating international legal countermeasures against persistent cyber threats. For years, the U.S. government has indicted suspected Chinese hackers, though many remain at large within their home country's borders. Securing Xu’s presence in a U.S. courtroom follows a significant 2022 milestone when Yanjun Xu became the first Chinese government intelligence officer extradited to the United States, eventually receiving a twenty — year prison sentence for hacking crimes. The impending trial is expected to shed further light on the internal mechanics of Chinese state — sponsored cyber operations and the direct links between civilian enterprise contractors and government intelligence directives.
Sources
Replies (0)
No replies in this topic yet.
