A Chinese national, Xu Zewei, has been extradited to the United States for allegedly conducting state-directed cyber intrusions, which included targeting COVID-19 research. Xu, 34, appeared in a federal court in Houston on a nine-count indictment related to hacking operations between February 2020 and June 2021. These operations, including the “HAFNIUM” campaign, affected thousands of computers globally, with a focus on the United States.
According to court documents, Xu worked under the guidance of officers from the Shanghai State Security Bureau, a part of China’s Ministry of State Security responsible for foreign intelligence and counterintelligence operations. The US Justice Department emphasized its commitment to pursuing hackers who compromise American cybersecurity and steal information from US businesses and universities.
Assistant Attorney General for National Security John A. Eisenberg stated, “The United States is committed to pursuing hackers who steal information from US businesses and universities and threaten our cybersecurity.” Acting US Attorney John G.E. Marck highlighted that Xu’s alleged crimes involved stealing COVID-19 research from American universities, impacting vital scientific and security efforts during a critical period.
Prosecutors allege that Xu and his associates targeted US-based universities, immunologists, and virologists engaged in COVID-19 vaccine research. In one instance, Xu accessed a Texas university network in February 2020 and later obtained researchers’ email contents under the direction of a Shanghai State Security Bureau officer. The indictment also mentions Xu’s involvement in exploiting vulnerabilities in Microsoft Exchange Server systems as part of the HAFNIUM campaign.
