A man accused of carrying out cyberattacks for the Chinese government has been extradited to the United States and could face more than a decade in prison if convicted.
U.S. authorities say Xu Zewei was involved in espionage-linked cyber operations targeting American institutions.
Last year, the U.S. Department of Justice charged Xu with allegedly working as a contractor for China’s Ministry of State Security. Prosecutors claim he and co-conspirator Zhang Yu targeted several U.S. universities in early 2020 to steal COVID-19 pandemic research.
They were also accused of attacking thousands of email servers running Microsoft Exchange starting in March 2021. The campaign was linked to the Chinese-backed hacking group Hafnium, later associated with Silk Typhoon.
Xu was arrested in Italy last year following a U.S. request. He has now been transferred to the U.S. and is being held in Houston, Texas. Court records show he appeared in federal court for an initial hearing and pleaded not guilty to all charges.
The Justice Department has alleged Xu worked for Shanghai Powerock Network, which prosecutors say conducted cyber operations for Beijing. Investigators claim hackers linked to Hafnium exploited unknown flaws in Microsoft Exchange to breach defense contractors, law firms, think tanks, and infectious disease researchers.
According to prosecutors, more than 60,000 U.S. entities were targeted, with over 12,700 reportedly compromised.
The Chinese Embassy in Washington, D.C. did not comment. The Chinese Foreign Ministry has reportedly opposed the extradition and accused the U.S. of fabricating cases.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
The extradition follows earlier U.S. actions against alleged Chinese cyber operatives. In 2022, Yanjun Xu was sentenced to 20 years in prison in a separate case.
