Overview
- Xu Zewei was arrested in Milan on July 3 at the request of U.S. authorities and is being held pending extradition to the Southern District of Texas.
- A nine-count indictment unsealed July 8 charges him and co-defendant Zhang Yu with computer intrusions from February 2020 to June 2021, including the HAFNIUM campaign and theft of COVID-19 research.
- Court documents allege officers of China’s Ministry of State Security directed Xu to exploit Microsoft Exchange Server vulnerabilities and install web shells to steal data.
- Prosecutors say Xu operated through Shanghai Powerock Network Co. Ltd., one of several Chinese front companies facilitating government-sponsored hacking.
- Zhang Yu remains at large, and the FBI has issued a reward for information leading to his capture as international partners collaborate on the case.