The U.S. Justice Department has confirmed the arrest of Chinese national Xu Zewei, an alleged prolific contract hacker who carried out cyberattacks for China. Xu was arrested in Italy at the request of U.S. prosecutors.
Xu and another Chinese national Zhang Yu, who remains at large, are accused in a nine-charge indictment of “hacking and stealing crucial COVID-19 research” from U.S. universities during February 2020. The DOJ said Xu worked for a company called Shanghai Powerock Network, which conducted hacking operations for the Chinese government.
The alleged hackers are also accused of the mass hacks of Microsoft Exchange servers beginning in March 2021. The hackers, publicly referred to as a group called Hafnium, broke into more than 60,000 self-hosted Exchange servers run by mostly small businesses across the United States, allowing the theft of private company mailboxes and address books.
Hafnium has since launched a new hacking campaign, dubbed Silk Typhoon, which researchers say is known for hacking into big companies and government agencies.
