Chinese Hacker Arrested in Italy for U.S. Cyberespionage Charges Linked to COVID-19 Research Theft

Chinese Hacker Arrested in Italy for U.S. Cyberespionage Charges | CyberPro Magazine

In a high-profile cybercrime case with geopolitical undertones, Chinese national Xu Zewei, 33, was arrested at an airport in Italy on July 3, 2025, by Italian authorities acting on a U.S. extradition warrant. The U.S. Department of Justice (DOJ) alleges Xu operated as a state-sponsored hacker affiliated with the infamous cyber-espionage group Silk Typhoon, also known as Hafnium, and was involved in a series of cyberattacks targeting U.S. institutions during the COVID-19 pandemic.

Xu’s arrest comes as part of a broader U.S. crackdown on Chinese-sponsored cyber operations. He is accused of exploiting critical vulnerabilities in Microsoft Exchange servers and installing malicious web shells to gain unauthorized access to networks of universities, law firms, and government agencies. The suspect had reportedly entered Italy for a personal vacation and now awaits an Italian court’s ruling on whether he will be extradited to Texas, where the charges were filed.

COVID-19 Research, Zero-Day Exploits, and State Sponsorship

A newly unsealed nine-count indictment in the Southern District of Texas outlines Xu’s role in a sophisticated hacking campaign, carried out alongside co-defendant Zhang Yu, believed to still reside in China. The DOJ claims both individuals acted under the direction of China’s Ministry of State Security (MSS), working as contractors through a company called Shanghai Powerock Network Co., Ltd.

Between February 2020 and June 2021, Xu and his associates allegedly stole cutting-edge COVID-19 research from several U.S. universities, including institutions in Texas, North Carolina, and Washington, D.C. The indictment further details how the hackers exploited zero-day vulnerabilities in Microsoft Exchange Server in early 2021, a breach that led to the compromise of tens of thousands of systems worldwide, an incident widely attributed to Hafnium.

Cybersecurity experts, including those from Microsoft and Mandiant, have confirmed that Silk Typhoon’s activities align with Chinese intelligence objectives, targeting healthcare, defense, and legal sectors globally. The coordinated nature of the attacks, combined with the sensitive data accessed, has elevated the case to the international spotlight.

Legal and Diplomatic Implications Amid U.S.–China Cyber Tensions

The FBI emphasized the importance of the arrest, calling it a “milestone” in bringing foreign cybercriminals to justice. “Even years after the fact, we will pursue those who attack our institutions and steal our innovations,” said Deputy Director Brett Leatherman.

Italy’s cooperation underscores its growing alignment with U.S. cybersecurity policy, despite its ongoing economic ties with China. The case is reminiscent of earlier extradition standoffs involving state-backed actors, highlighting the political tightrope governments must walk in such international cases.

Xu faces up to 20 years in prison if convicted on charges including wire fraud, identity theft, and conspiracy to commit computer intrusions. His defense team claims mistaken identity, citing the commonality of the surname “Xu” and suggesting that a prior stolen phone incident in 2020 may be clouding digital evidence.

As the extradition hearing approaches, cybersecurity analysts warn that this arrest may mark only the beginning of deeper legal confrontations between global powers over the growing weaponization of cyber tools.

The arrest of Xu Zewei in Italy signals a bold U.S. move in holding alleged Chinese state-backed hackers accountable for cyber-espionage targeting critical pandemic-era research. With geopolitical stakes rising, the case may redefine the rules of global cyber engagement.

Sources:

https://thehackernews.com/2025/07/chinese-hacker-xu-zewei-arrested-for.html

https://securityboulevard.com/2025/07/chinese-hacker-linked-to-silk-typhoon-charged-with-stealing-covid-data

https://www.techradar.com/pro/security/us-arrests-silk-typhoon-hacker-accused-of-stealing-covid-research-and-mass-email-hacking
