Chinese national arrested in Italy for alleged COVID-19 research theft and mass hacking of US email servers.
By Ainvest
Tuesday, Jul 8, 2025 4:58 pm ET
Xu and another Chinese national, Zhang Yu, who remains at large, are accused in a nine-charge indictment of "hacking and stealing crucial COVID-19 research" from U.S. universities during February 2020. The DOJ said Xu worked for a company called Shanghai Powerock Network, which conducted hacking operations for the Chinese government.
The alleged hackers are also accused of the mass hacks of Microsoft Exchange servers beginning in March 2021. The hackers, publicly referred to as a group called Hafnium, broke into more than 60,000 self-hosted Exchange servers run by mostly small businesses across the United States, allowing the theft of private company mailboxes and address books.
Hafnium has since launched a new hacking campaign, dubbed Silk Typhoon, which researchers say is known for hacking into big companies and government agencies.
The indictment alleges that Xu was hacking and stealing crucial COVID-19 research at the behest of the Chinese government while that same government was simultaneously withholding information about the virus and its origins [1]. Xu was arrested in Milan, Italy, and will face extradition proceedings.
Xu is charged with conspiracy to commit wire fraud and two counts of wire fraud, which carry a maximum penalty of 20 years in prison for each count; conspiracy to cause damage to and obtain information by unauthorized access to protected computers, to commit wire fraud, and to commit identity theft, which carries a maximum penalty of five years in prison; two counts of obtaining information by unauthorized access to protected computers, which carry a maximum penalty of five years in prison; two counts of intentional damage to a protected computer, which carry a maximum penalty of 10 years in prison; and aggravated identity theft, which carries a maximum penalty of two years in prison [1].
The FBI’s Houston Field Office is investigating the case. The Justice Department’s Office of International Affairs provided valuable assistance in securing the defendant’s arrest. Assistant U.S. Attorneys Mark McIntyre and John Marck for the Southern District of Texas and Deputy Chief Matthew Anzaldi of the National Security Division’s National Security Cyber Section are prosecuting the case. The Justice Department’s Office of International Affairs is handling the extradition [1].
An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law [1].
References:
[1] https://www.justice.gov/opa/pr/justice-department-announces-arrest-prolific-chinese-state-sponsored-contract-hacker
The US Justice Department has confirmed the arrest of Chinese national Xu Zewei, accused of hacking and stealing COVID-19 research from US universities and carrying out mass hacks of Microsoft Exchange servers. Xu allegedly worked for a company conducting hacking operations for the Chinese government and is accused of stealing private company mailboxes and address books. Another Chinese national, Zhang Yu, remains at large.
Xu was arrested in Italy at the request of U.S. prosecutors.