A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy.
Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against American organizations and government agencies between February 2020 and June 2021, including breaking into systems at a Texas university to steal COVID-19 vaccine information.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
He was charged with nine counts of wire fraud and conspiracy to cause damage to and obtain information by unauthorized access to protected computers, as well as committing aggravated identity theft.
Xu, along with co-defendant and Chinese national Zhang Yu, is said to have undertaken the attacks under directions issued by the Ministry of State Security’s (MSS) Shanghai State Security Bureau (SSSB). Some of these attacks weaponized then zero-days in Microsoft Exchange Server, a threat activity cluster that Microsoft tracked as Hafnium, to breach targets and deploy web shells for remote administration.
Xu worked for a company named Shanghai Powerock Network Co. Ltd. when the attacks were carried out, per the indictment. The U.S. Department of Justice (DoJ) said Powerock was one of many “enabling” companies in China that conducted hacking operations for the government.
“In early 2020, Xu and his co-conspirators hacked and otherwise targeted U.S.-based universities, immunologists, and virologists conducting research into COVID‑19 vaccines, treatment, and testing,” the DoJ added. “The charges further allege that beginning in late 2020, Xu and his co-conspirators exploited certain vulnerabilities in Microsoft Exchange Server, a widely-used Microsoft product for sending, receiving, and storing email messages.”
However, the defendant has repeatedly denied any involvement in Chinese government hacking operations, claiming his arrest was a case of mistaken identity. He was in Milan with his wife on vacation when he was apprehended. Speaking to TechCrunch, Xu’s lawyer said he pleaded not guilty to all charges during a court hearing on Monday. Zhang Yu remains at large.
Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.
Some parts of this article are sourced from:
thehackernews.com
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover