Latest news with #ZhangYu
International Business Times
5 days ago
- International Business Times
Who Is Xu Zewei? 33-Year-Old Chinese Hacker Arrested in Italy for COVID-19 Research Espionage Using Microsoft Server Exploit
In a major move against cybercrime, U.S. officials have confirmed the arrest of 33-year-old Chinese national Xu Zewei in Milan, Italy, on July 3. The arrest was made after a long investigation into cyberattacks targeting COVID-19 research in the U.S. Xu is accused of working with another Chinese citizen, Zhang Yu, 44, who is still at large. Both are believed to have acted on behalf of China's Ministry of State Security (MSS). Xu reportedly led hacking efforts for Shanghai Powerock Network Co. Ltd., a company tied to the Chinese government. U.S. prosecutors say he targeted American universities, scientists, and research labs that were developing COVID-19 vaccines and treatments in early 2020. Court documents state that Xu worked under the Shanghai State Security Bureau (SSSB), part of the MSS. He allegedly carried out cyber intrusions into the systems of U.S. institutions using weaknesses in Microsoft Exchange Servers. This hacking operation is part of a larger cyber-espionage campaign known as "HAFNIUM," which affected over 12,700 organizations around the world, including law firms and research centers. One major target was a university in Texas, where Xu reportedly confirmed to Chinese officials that he had accessed scientists' email accounts. American authorities are calling this a clear case of state-sponsored cyber theft. "We will not tolerate foreign governments stealing from our institutions," said Assistant Attorney General John Eisenberg. U.S. Attorney Nicholas Ganjei also stated that justice was long overdue in this case. Xu is currently awaiting extradition to the U.S., where he will face formal charges. The FBI continues to search for Zhang Yu and asks anyone with information to come forward. While Xu has been charged, he remains innocent until proven guilty in court.
Toronto Star
08-07-2025
- Toronto Star
Chinese man charged in Texas with stealing COVID-19 research from US colleges
HOUSTON (AP) — A Chinese national has been arrested on suspicion of hacking into several U.S. universities' computer systems to steal COVID-19-related research, authorities announced on Tuesday. Xu Zewei is charged in a nine-count indictment in the Southern District of Texas for his alleged involvement in computer intrusions between February 2020 and June 2021. Another Chinese national, Zhang Yu, was also charged in the indictment.
Washington Post
08-07-2025
- Washington Post
Chinese man charged in Texas with stealing COVID-19 research from US colleges
HOUSTON — A Chinese national has been arrested on suspicion of hacking into several U.S. universities' computer systems to steal COVID-19-related research, authorities announced on Tuesday. Xu Zewei is charged in a nine-count indictment in the Southern District of Texas for his alleged involvement in computer intrusions between February 2020 and June 2021. Another Chinese national, Zhang Yu, was also charged in the indictment.
Associated Press
08-07-2025
- Associated Press
Chinese man charged in Texas with stealing COVID-19 research from US colleges
HOUSTON (AP) — A Chinese national has been arrested on suspicion of hacking into several U.S. universities' computer systems to steal COVID-19-related research, authorities announced on Tuesday. Xu Zewei is charged in a nine-count indictment in the Southern District of Texas for his alleged involvement in computer intrusions between February 2020 and June 2021. Another Chinese national, Zhang Yu, was also charged in the indictment. Xu was arrested on Thursday in Italy and is awaiting extradition to the U.S. Authorities said Zhang remains at large. Xu and others are accused of targeting and hacking several U.S.-based universities, immunologists, and virologists conducting research into COVID‑19 vaccines, treatment and testing, according to court documents. 'The hacking of these American universities is not just a violation of intellectual property rights. It's an attack on American scientific innovation,' Nicholas J. Ganjei, the Houston-based U.S. Attorney for the Southern District of Texas, said at a news conference. Authorities declined to name the universities that had been targeted but said two were located in the Southern District of Texas. Authorities allege that officers of China's Ministry of State Security, or MSS, directed Xu and others to conduct the hacking. A spokesman for the Chinese Embassy in Washington did not immediately reply to an email seeking comment. Authorities allege Xu and Zhang were part of a group known as HAFNIUM, that targeted over 60,000 U.S. entities, successfully victimizing more than 12,700 in order to steal sensitive information. One of those targeted was a law firm with offices worldwide, including in Washington, D.C. The charges against Xu include wire fraud, obtaining information by unauthorized access to protected computers and aggravated identity theft. The wire fraud charges carry sentences of up to 20 years in prison. Tuesday's announcement comes after the Justice Department earlier this month said two Chinese nationals had been charged with spying inside the United States on behalf of Beijing, including by taking photographs of a naval base.
CNN
08-07-2025
- CNN
US seeks extradition of Chinese man held in Italy accused of hacking to steal Covid-19 vaccine research
Italian authorities have arrested a Chinese man accused by US prosecutors of being part of a hacking team that stole coveted US research into a coronavirus vaccine on behalf of Chinese intelligence. At the height of the pandemic in early 2020, Xu Zewei worked at the behest of China's Ministry of State Security, to target US-based universities, virologists and immunologists doing research on Covid-19 vaccines, treatment and testing, according to an indictment unsealed Tuesday in the US District Court for the Southern District of Texas. The indictment accuses another person, Zhang Yu, of participating in the activity. Zhang is believed to be in China, a Justice Department spokesperson said. Xu, 33, was detained at the Malpensa Airport northwest of Milan on July 3 and then taken to a nearby prison ahead of his court appearance, according to statements to CNN from Italian authorities. He made his initial court appearance in Milan on Tuesday as the US Justice Department begins to try to extradite Xu to the US District of South Texas, where he faces wire fraud, identity theft and hacking-related charges. The arrest is a major breakthrough for the FBI, which hunts hackers accused of working for foreign spies but rarely gets one from China into custody. 'He is one of the first hackers linked to Chinese intelligence services to be captured by the FBI,' the FBI's Houston field office posted on X. In court on Tuesday, Xu said he 'has nothing to do with this case,' his lawyer, Enrico Giarda, told reporters. 'He described himself as an IT manager at a company in Shanghai and essentially stated that he has no reason to commit the criminal acts he is being accused of,' said Giarda, adding that he was still waiting to review documents 'and understand exactly how the FBI identified him.' The arrest sets up an extradition battle that could put pressure on the Italian government, which has sought to court US President Donald Trump while also maintaining good relations with China, a significant trading partner. The indictment did not name any of the universities allegedly targeted by Xu and Zhang, but in a statement to CNN, the University of Texas Medical Branch in Galveston confirmed it was one of them. The university conducted extensive Covid-related research, including a study of the effectiveness of vaccines against emerging strains of the virus. 'The University of Texas Medical Branch is grateful to the FBI and all involved law enforcement agencies for their diligence in pursuing this investigation,' the statement said while declining further comment, citing an ongoing investigation. Liu Pengyu, spokesperson for the Chinese Embassy in Washington, DC, said he was unaware of Xu's case but that 'similar rumors have surfaced multiple times in the past, and China has already stated its position on the matter.' Chinese vaccine research and development, Liu said in an email, 'is among the most advanced in the world. China has neither the need nor the intention to acquire vaccines through so-called theft.' When the coronavirus went global in 2020, intelligence services around the world scrambled to gather information on the impacts of the virus, according to private experts and Western government officials. In some cases, that allegedly meant using hackers to target research centers developing a vaccine. The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) singled out China in a May 2020 public advisory. 'The FBI is investigating the targeting and compromise of U.S. organizations conducting COVID-19-related research by PRC-affiliated cyber actors and non-traditional collectors,' the advisory said, using an acronym for the Chinese government. Those China-linked actors 'have been observed attempting to identify and illicitly obtain valuable intellectual property and public health data related to vaccines, treatments, and testing' from computer networks holding Covid-related data, the FBI and CISA said then. Teddy Nemeroff, a former senior cyber official at the State Department, said the five years between that advisory and Xu's arrest show the painstaking work that goes into efforts to track down hackers who target valuable US institutions. 'These types of arrests send an important message to cyber criminals who think they can operate with impunity from permissive jurisdictions,' Nemeroff told CNN. 'Even five years after they targeted Covid vaccine research, US law enforcement caught up with him. Such arrests are only possible with cooperation from strong law enforcement partners like Italy, who are willing to put themselves in potentially uncomfortable diplomatic positions with countries like China.' The FBI has said that China has a bigger hacking program than all other foreign governments combined, making it challenge to match Beijing's pace in intelligence-gathering. Xu's arrest 'probably isn't going to have any immediate, practical effect,' John Hultquist, chief analyst at Google's Threat Intelligence Group, told CNN. 'It may cause someone to think twice before getting involved in this because you won't be able to take a vacation.'
