
US government confirms arrest of Chinese national accused of stealing COVID research and mass-hacking email servers
The U.S. Justice Department has announced the arrest of Chinese national Xu Zewei, a prolific contract hacker accused of conducting sophisticated cyberattacks on behalf of the Chinese government. Xu was apprehended in Italy following a request from U.S. prosecutors, marking a significant step in international cybersecurity enforcement.
Xu Zewei, along with another Chinese national, Zhang Yu (who remains at large), faces a nine-charge indictment. The charges include hacking and stealing critical COVID-19 research from U.S. universities in February 2020. The Justice Department revealed that Xu was associated with Shanghai Powerock Network, a company allegedly involved in carrying out hacking operations for the Chinese government, underscoring the state-sponsored nature of these cyber intrusions.
The indictment further accuses the alleged hackers of initiating mass hacks on Microsoft Exchange servers, beginning in March 2021. This group, widely identified as ‘Hafnium’, successfully breached over 60,000 self-hosted Exchange servers. The vast majority of these compromised servers belonged to small businesses across the United States, leading to the theft of private company mailboxes and address books. The widespread breach highlighted critical vulnerabilities and its significant impact on private-sector data security.
In addition, Hafnium has reportedly launched a new hacking campaign known as ‘Silk Typhoon’. Cybersecurity researchers indicate that Silk Typhoon targets large corporations and government agencies, signaling an evolving and escalating threat landscape in state-sponsored cyber espionage.
The arrest of Xu Zewei serves as a stark reminder of the persistent cyber threats posed by state-sponsored actors and the ongoing efforts by global law enforcement to counter such illicit activities. It also emphasizes the importance of robust cybersecurity measures for organizations of all sizes, particularly those holding sensitive data like critical research or private communications.



