
Alleged Silk Typhoon hacker extradited to US for cyberespionage

Why This Matters

The extradition of Xu Zewei highlights the ongoing international efforts to combat state-sponsored cyberespionage, emphasizing the growing importance of cybersecurity in protecting sensitive data and infrastructure. This case underscores the increasing sophistication of hacking groups linked to nation-states and the need for robust security measures for organizations worldwide.

Key Takeaways

A Chinese national accused of carrying out cyberespionage operations for China's intelligence services has been extradited from Italy to the United States to face criminal charges.

According to a DOJ announcement, Xu Zewei is alleged to be a contract hacker for China's Ministry of State Security (MSS) who conducted breaches between February 2020 and June 2021 as part of a coordinated intelligence-gathering campaign.

Xu was previously arrested in Milan, Italy, in 2025 at the request of U.S. authorities for his alleged ties to the Silk Typhoon hacking group.

The indictment links Xu to a series of attacks attributed to the Chinese Silk Typhoon hacking group, also known as Hafnium, which exploited vulnerabilities in internet-facing systems to gain initial access to victim networks. Once inside, the attackers performed reconnaissance, deployed malware, and stole data.

The DOJ says Xu was involved in intrusions targeting COVID-19 research organizations, where the attackers allegedly sought to obtain data on vaccines, treatments, and testing.

U.S. authorities also allege that Xu and his co-conspirators exploited Microsoft Exchange Server zero-day vulnerabilities beginning in late 2020 as part of a widespread campaign to compromise email servers and gain access to victim networks.

After breaching vulnerable Exchange servers, attackers deployed web shells that allowed them to access mailboxes, move laterally within networks, and exfiltrate data. The widespread exploitation led to global incidents impacting thousands of organizations before patches were fully available.

Prosecutors say Xu and his co-defendant operated as contracted hackers under the direction of MSS officials.

"According to court documents, officers of the PRC's Ministry of State Security's (MSS) Shanghai State Security Bureau (SSSB) directed Xu to conduct this hacking," the DOJ said.

"When Xu conducted the computer intrusions, he allegedly worked for a company named Shanghai Powerock Network Co., Ltd. (Powerock)," the announcement adds, describing it as one of many firms used to carry out hacking operations on behalf of the Chinese government.
