A Chinese language nationwide accused of being a member of the Silk Storm hacking group has been extradited to the U.S. from Italy.
Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged hyperlinks to the Chinese language state-sponsored risk group and for orchestrating cyber assaults in opposition to American organizations and authorities companies between February 2020 and June 2021, together with breaking into techniques at a Texas college to steal COVID-19 vaccine data.
He was charged with 9 counts of wire fraud and conspiracy to trigger harm to and acquire data by unauthorized entry to protected computer systems, in addition to committing aggravated id theft.
Xu, together with co-defendant and Chinese language nationwide Zhang Yu, is claimed to have undertaken the assaults underneath instructions issued by the Ministry of State Safety’s (MSS) Shanghai State Safety Bureau (SSSB). A few of these assaults weaponized then zero-days in Microsoft Change Server, a risk exercise cluster that Microsoft tracked as Hafnium, to breach targets and deploy internet shells for distant administration.
Xu labored for an organization named Shanghai Powerock Community Co. Ltd. when the assaults have been carried out, per the indictment. The U.S. Division of Justice (DoJ) stated Powerock was one in every of many “enabling” corporations in China that performed hacking operations for the federal government.
“In early 2020, Xu and his co-conspirators hacked and in any other case focused U.S.-based universities, immunologists, and virologists conducting analysis into COVID‑19 vaccines, remedy, and testing,” the DoJ added. “The costs additional allege that starting in late 2020, Xu and his co-conspirators exploited sure vulnerabilities in Microsoft Change Server, a widely-used Microsoft product for sending, receiving, and storing e-mail messages.”
Nonetheless, the defendant has repeatedly denied any involvement in Chinese language authorities hacking operations, claiming his arrest was a case of mistaken id. He was in Milan along with his spouse on trip when he was apprehended. Talking to TechCrunch, Xu’s lawyer stated he pleaded not responsible to all prices throughout a courtroom listening to on Monday. Zhang Yu stays at massive.
