A Chinese citizen has been arrested in Milan, Italy, for allegedly being involved with a state-sponsored hacking group known for targeting U.S. organizations and government agencies.
According to Italian news agency ANSA, the suspect, 33-year-old Xu Zewei, was arrested on July 3rd at Milan’s Malpensa Airport after arriving on a flight from China. Italian authorities detained him based on an international arrest warrant issued by the United States.
Xu is accused of having ties to Silk Typhoon, also known as Hafnium, a Chinese state-backed cyber espionage group. This group has carried out a wide range of attacks against the U.S. and other countries, particularly focusing on stealing sensitive data.
One of the key allegations against Xu is his involvement in 2020 cyberattacks that targeted infectious disease researchers and healthcare organizations. These attacks aimed to steal information related to COVID-19 vaccines, treatments, and testing. A joint cybersecurity advisory noted that these hackers were attempting to illegally obtain valuable public health data and intellectual property.
Silk Typhoon has also been linked to more recent attacks on U.S. government bodies, including the Office of Foreign Assets Control (OFAC) and the Committee on Foreign Investment in the United States (CFIUS).
In March 2025, Microsoft reported that the group had shifted its tactics, now focusing on remote management tools and cloud services as part of supply chain attacks. These efforts aim to infiltrate downstream networks through trusted third-party services.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
Xu is currently being held in Busto Arsizio prison in Italy, as the U.S. seeks his extradition to face charges in American courts.
