China-Linked Hacker Extradited to US Over COVID Research Theft

Chinese national Xu Zewei has been extradited to the US for alleged state-directed cyber intrusions targeting COVID-19 research. Xu is charged with hacking operations between 2020 and 2021 as part of the HAFNIUM campaign. Prosecutors allege he accessed university networks and stole researchers' emails under direction from the Shanghai State Security Bureau. Xu faces up to 20 years in prison on charges including wire fraud and identity theft.

Key Points: China-Linked Hacker Extradited to US for COVID Research Hack

  • Chinese hacker extradited to US for state-directed cyber intrusions
  • Xu Zewei targeted COVID-19 research from US universities
  • Part of HAFNIUM campaign compromising thousands of computers
  • Faces up to 20 years in prison on multiple charges

Washington, April 28

A Chinese national accused of carrying out state-directed cyber intrusions, including targeting COVID-19 research, has been extradited to the United States and appeared in a federal court in Houston on a nine-count indictment, the Justice Department said.

Xu Zewei, 34, is charged over alleged hacking operations between February 2020 and June 2021, including activity linked to the "HAFNIUM" campaign that compromised thousands of computers worldwide, including in the United States.

According to court documents, Xu acted under the direction of officers from the Shanghai State Security Bureau (SSSB), part of China's Ministry of State Security (MSS), which oversees foreign intelligence and counterintelligence operations.

"The United States is committed to pursuing hackers who steal information from US businesses and universities and threaten our cybersecurity," said Assistant Attorney General for National Security John A. Eisenberg.

Acting US Attorney John G.E. Marck said Xu would "stand in a federal courtroom to answer for crimes that struck at the heart of American science and security - allegedly stealing COVID-19 research from our universities when the world needed it most."

Prosecutors allege that Xu and his co-conspirators targeted US-based universities, immunologists and virologists working on COVID-19 vaccines, treatment and testing. In one instance in February 2020, Xu is said to have accessed a university network in Texas and later obtained the contents of researchers' email accounts at the direction of an SSSB officer.

The indictment states that Xu and Zhang Yu, a co-accused who remains at large, later exploited vulnerabilities in Microsoft Exchange Server systems as part of the HAFNIUM campaign.

"The extradition of Xu Zewei demonstrates the FBI's reach extends well beyond U.S. borders," said Brett Leatherman, Assistant Director of the FBI's Cyber Division.

He added that Xu was "one of many contractors the Chinese government uses to obscure its hand in cyber operations" and warned that others face similar risks.

Investigators said the HAFNIUM campaign exploited previously unknown vulnerabilities, enabling the installation of web shells that allowed remote access to compromised systems. Victims included universities and a global law firm, where stolen data was searched for information related to US policymakers and government agencies.

Court filings further allege that the conspirators used stolen credentials, malware and other techniques to maintain persistent access to victim networks, causing damage running into millions of dollars.

Xu faces multiple charges, including conspiracy to commit wire fraud, unauthorised access to protected computers, intentional damage to computer systems and aggravated identity theft. The most serious counts carry potential prison sentences of up to 20 years.

- IANS

Reader Comments

Priya S
Targeting COVID-19 research? That's low even by spy standards. While I understand nations have strategic interests, stealing research during a global pandemic that killed millions is just cruel. Justice should be served. Also, India should be very careful about Chinese tech companies operating here.
Michael C
As an American living in India for work, I follow these cases closely. The US needs to be firm, but China will just replace this one guy with another. It's a never-ending game. What worries me more is how many Chinese contractors are embedded in Indian telecom networks. We need more transparency.
Rohit P
I'm conflicted. On one hand, cyber attacks are serious and China should be held accountable. On the other hand, the US has done similar things (remember Snowden?). And India also has its own cyber capabilities. We need a global cyber treaty that everyone follows, not just selective justice 😕
Kavya N
The HAFNIUM attack was massive - even India's CERT-In had issued alerts about it. I work in cybersecurity, and we saw Chinese-sponsored groups targeting our pharmaceutical companies too, not just universities. The problem is most Indian companies don't report breaches. We need better cyber hygiene and reporting culture.
Jessica F
Remember when China stole the Moderna vaccine formula? This is the same playbook. I'm glad the US is prosecuting, but I worry about retaliation. What if China starts targeting Indian infrastructure more aggressively? We share a long border and they have many ways to create trouble. Good diplomacy is needed here.
