In a major blow to China’s cyber espionage efforts, Xu Zewei, a 44-year-old Chinese national, has been extradited from Italy to face charges related to his involvement in a massive hacking campaign that compromised thousands of computers worldwide, including in the United States. According to court documents, Xu worked as a contractor for the Chinese government, hacking into U.S.-based universities, immunologists, and virologists conducting research into COVID-19 vaccines, treatment, and testing.
Between February 2020 and June 2021, Xu allegedly conducted computer intrusions as part of the HAFNIUM campaign, which targeted U.S. COVID-19 research during the height of the pandemic. The hacking activities were directed by officers of the PRC’s Ministry of State Security’s (MSS) Shanghai State Security Bureau (SSSB), who were supervising and directing the hacking activities. Xu’s actions were part of a larger scheme to steal sensitive information from U.S. businesses and universities.
Xu’s extradition marks a significant victory for the FBI, which has been working to bring him to justice for years. “The extradition of Xu Zewei demonstrates the FBI’s reach extends well beyond U.S. borders,” said Assistant Director Brett Leatherman of the FBI’s Cyber Division. “Xu will now answer for his alleged role in HAFNIUM, a group responsible for a vast intrusion campaign directed by China’s Ministry of State Security that compromised more than 12,700 U.S. organizations.”
The charges against Xu are serious, with the government alleging that he worked for a company named Shanghai Powerock Network Co. Ltd. (Powerock), which conducted hacking for the PRC government. Xu is charged with conspiracy to commit computer fraud and abuse, as well as conspiracy to commit economic espionage. If convicted, he faces up to 10 years in prison and a fine of up to $250,000.
The case against Xu is a stark reminder of the ongoing threat posed by state-sponsored hacking groups. “The United States is committed to pursuing hackers who steal information from U.S. businesses and universities and threaten our cybersecurity,” said Assistant Attorney General for National Security John A. Eisenberg. “We will continue to work to protect the American people and bring those responsible to justice.”
Xu’s extradition is a significant development in the ongoing investigation into the HAFNIUM campaign, which compromised thousands of computers worldwide. The case highlights the importance of international cooperation in combating cybercrime and the need for vigilance in protecting sensitive information from state-sponsored hacking groups.
Source: Department of Justice
Related Federal Cases
- Tren de Aragua Leaders Unsealed, Terror Cartel Crimes, Texas, 2023 · Nebraska
- Eduardo Ravelo, Racketeering Conspiracy, Texas 2013 · Texas
- Pam Bondi, Money Laundering, Texas, 2023 · Texas
- Letitia James, State-Sanctioned Intimidation, New York, 2023 · Washington
- Ken Paxton Blocked Texas Land Seizure, Oklahoma OK, 2025 · Texas
