Latest news with #HAFNIUM


International Business Times
11-07-2025
Who Is Xu Zewei? 33-Year-Old Chinese Hacker Arrested in Italy for COVID-19 Research Espionage Using Microsoft Server Exploit
In a major move against cybercrime, U.S. officials have confirmed the arrest of 33-year-old Chinese national Xu Zewei in Milan, Italy, on July 3. The arrest was made after a long investigation into cyberattacks targeting COVID-19 research in the U.S. Xu is accused of working with another Chinese citizen, Zhang Yu, 44, who is still at large. Both are believed to have acted on behalf of China's Ministry of State Security (MSS). Xu reportedly led hacking efforts for Shanghai Powerock Network Co. Ltd., a company tied to the Chinese government. U.S. prosecutors say he targeted American universities, scientists, and research labs that were developing COVID-19 vaccines and treatments in early 2020. Court documents state that Xu worked under the Shanghai State Security Bureau (SSSB), part of the MSS. He allegedly carried out cyber intrusions into the systems of U.S. institutions using weaknesses in Microsoft Exchange Servers. This hacking operation is part of a larger cyber-espionage campaign known as "HAFNIUM," which affected over 12,700 organizations around the world, including law firms and research centers. One major target was a university in Texas, where Xu reportedly confirmed to Chinese officials that he had accessed scientists' email accounts. American authorities are calling this a clear case of state-sponsored cyber theft. "We will not tolerate foreign governments stealing from our institutions," said Assistant Attorney General John Eisenberg. U.S. Attorney Nicholas Ganjei also stated that justice was long overdue in this case. Xu is currently awaiting extradition to the U.S., where he will face formal charges. The FBI continues to search for Zhang Yu and asks anyone with information to come forward. While Xu has been charged, he remains innocent until proven guilty in court.


UPI
09-07-2025
Chinese hacker arrested, charged with stealing U.S. COVID-19 research
The Department of Justice announced Tuesday the arrest of a Chinese national accused of hacking and stealing COVID-19 information from U.S. universities for the Beijing government. July 8 (UPI) -- Italian authorities arrested a Chinese national accused by the United States of working at the direction of Beijing to steal COVID-19 vaccine research from U.S. universities, immunologists and virologists during the early days of the pandemic. Xu Zewei, 33, of China, was arrested Thursday in Milan. The nine-count indictment charging him and his co-conspirator, 44-year-old Chinese national Zhang Yu, was unsealed Tuesday by the Justice Department as it seeks Xu's extradition. Zhang remains at large. The arrest and filing of charges are the latest U.S. law enforcement action targeting Chinese nationals accused of working at the behest of Beijing's foreign intelligence arm, the Ministry of State Security, in recent months. According to the indictment, Xu and his co-conspirators were involved in the China state-sponsored HAFNIUM hacking campaign -- also known as Silk Typhoon -- that targeted vulnerabilities in the widely used Microsoft Exchange Server program to gain access to victims' information from February 2020 to June 2021. Federal prosecutors said they used the vulnerabilities in the Microsoft program to install code known as webshells on their victims' computers, gaining remote access to the devices. The victims were not named in the charging document, but are identified as a university located in the Southern District of Texas and a university based in North Carolina involved in "research into COVID-19 vaccines, treatments and testing," as well as a second university based in the Southern District of Texas and a law firm with offices in Washington, D.C., and elsewhere, including internationally. During a press conference Tuesday, U.S. Attorney Nicholas Ganjei for the Southern District of Texas said Xu would be assigned targets from his handlers within the Ministry of State Security's State Security Bureau with instruction to hack their computers and steal specific information. Once he had access to the requested accounts, he copied gigabits of COVID-19 research that he then transferred to China. Ganjei explained the law firm was targeted for the confidential information it had on its clients, specifically that of U.S. policy makers and government agencies. "Although the Chinese state-sponsored hackers are, on occasion, indicted by the Department of Justice, it is exceedingly rare -- indeed it is virtually unheard of -- to actually get your hands on them," he said. "Since 2023, the United States has waited quietly and patiently for Xu to make a mistake that would put him within the reach of the American Judicial system. And last week, he did just that, traveling from Shanghai to Milan, Italy." Ganjei said Italian authorities took him into custody once his plane touched down. He further described the alleged crimes as those not specifically targeting computers, but targeting "American scientific innovation" and the "American system of justice." "Although, the conduct in this case took place several years ago, we never lost sight of our goal to bring the perpetrators of these cyber intrusions to justice. Now, at least, some of that story can be told," he said. A little more than a week earlier, the Justice Department charged two Chinese nationals with spying on the U.S. Navy and its bases as well as assisting Beijing with recruiting others within the U.S. military as potential Ministry of State Security assets.


India Today
09-07-2025
Chinese hacker charged in US for stealing COVID-19 research from universities
A Chinese national has been charged in the U.S. with hacking into American universities' computer systems to steal sensitive COVID-19 research, in what authorities describe as a coordinated operation directed by China's intelligence [...]. Xu Zewei, who was arrested last week in Italy, faces a nine-count indictment in the Southern District of Texas. Prosecutors say Xu and fellow Chinese national Zhang Yu infiltrated networks belonging to US universities, immunologists, and virologists between February 2020 and June 2021. Xu is awaiting extradition to the US while Zhang remains at large. 'The hacking of these American universities is not just a violation of intellectual property rights. It's an attack on American scientific innovation,' Nicholas J. Ganjei, the Houston-based US Attorney for the Southern District of Texas, said at a news conference. Authorities declined to name the universities that had been targeted but said two were located in the Southern District of Texas. Authorities allege that officers of China's Ministry of State Security, or MSS, directed Xu and others to conduct the hacking. A spokesman for the Chinese Embassy in Washington did not immediately reply to an email seeking comment. Authorities allege Xu and Zhang were part of a group known as HAFNIUM, that targeted over 60,000 US entities, successfully victimizing more than 12,700 in order to steal sensitive information. One of those targeted was a law firm with offices worldwide, including in Washington, D.C. The charges against Xu include wire fraud, obtaining information by unauthorized access to protected computers and aggravated identity theft. The wire fraud charges carry sentences of up to 20 years in prison. The announcement comes after the Justice Department earlier this month said two Chinese nationals had been charged with spying inside the United States on behalf of Beijing, including by taking photographs of a naval base. With inputs from Associated Press


Associated Press
08-07-2025
Chinese man charged in Texas with stealing COVID-19 research from US colleges
HOUSTON (AP) — A Chinese national has been arrested on suspicion of hacking into several U.S. universities' computer systems to steal COVID-19-related research, authorities announced on Tuesday. Xu Zewei is charged in a nine-count indictment in the Southern District of Texas for his alleged involvement in computer intrusions between February 2020 and June 2021. Another Chinese national, Zhang Yu, was also charged in the indictment. Xu was arrested on Thursday in Italy and is awaiting extradition to the U.S. Authorities said Zhang remains at large. Xu and others are accused of targeting and hacking several U.S.-based universities, immunologists, and virologists conducting research into COVID‑19 vaccines, treatment and testing, according to court documents. 'The hacking of these American universities is not just a violation of intellectual property rights. It's an attack on American scientific innovation,' Nicholas J. Ganjei, the Houston-based U.S. Attorney for the Southern District of Texas, said at a news conference. Authorities declined to name the universities that had been targeted but said two were located in the Southern District of Texas. Authorities allege that officers of China's Ministry of State Security, or MSS, directed Xu and others to conduct the hacking. A spokesman for the Chinese Embassy in Washington did not immediately reply to an email seeking comment. Authorities allege Xu and Zhang were part of a group known as HAFNIUM, that targeted over 60,000 U.S. entities, successfully victimizing more than 12,700 in order to steal sensitive information. One of those targeted was a law firm with offices worldwide, including in Washington, D.C. The charges against Xu include wire fraud, obtaining information by unauthorized access to protected computers and aggravated identity theft. The wire fraud charges carry sentences of up to 20 years in prison. 
Tuesday's announcement comes after the Justice Department earlier this month said two Chinese nationals had been charged with spying inside the United States on behalf of Beijing, including by taking photographs of a naval base.