A suspected state-linked hacker has been extradited to the US, according to the Department of Justice, after being charged over a series of intrusions carried out between February 2020 and June 2021, some linked to the Silk Typhoon campaign. Xu Zewei, a 34-year-old Chinese national, appeared in a Houston federal court over the weekend, with prosecutors alleging he acted under the direction of China’s intelligence apparatus, specifically the Ministry of State Security and its Shanghai branch.
Court filings claim he worked through a private contractor, Shanghai Powerock Network Co. Ltd., as part of an ecosystem used to obscure government involvement in cyber operations. Investigators said early attacks targeted US universities and researchers working on COVID-19, with stolen mailbox data including emails about vaccines, treatments and testing.
The operation allegedly expanded into exploiting Microsoft Exchange Server vulnerabilities as part of Silk Typhoon, also tracked as Hafnium, which affected more than 12,700 US organizations, according to the FBI. Xu faces multiple charges, including wire fraud, unauthorized access to protected computers and identity theft, while his co-defendant Zhang Yu remains at large.