Xu Zewei has been extradited to the United States to face charges for allegedly participating in a Chinese government hacking group that compromised thousands of American organizations and stole COVID-19 research.
Xu Zewei, accused of participating in a state-sponsored Chinese hacking operation, has been extradited to face charges in the U.S. The extradition marks a significant development in ongoing efforts to prosecute individuals involved in cyberattacks against American institutions.
According to allegations, Xu participated in a Chinese government-linked hacking group responsible for breaching thousands of U.S. organizations. The group targeted sensitive networks across multiple sectors, with a particular focus on stealing COVID-19-related research during the pandemic.
The case highlights the continued tension between the U.S. and China over cyber espionage. American officials have repeatedly accused Chinese state-sponsored groups of conducting sophisticated cyberattacks to steal intellectual property and sensitive government information.
Prosecutors allege the hacking group accessed research institutions, pharmaceutical companies, and government agencies. The theft of pandemic-related research raised national security concerns during a critical period of global health response.
The extradition process reflects international cooperation in addressing cybercrime, though China has historically resisted extradition requests from the United States. Xu's case represents one of the more high-profile instances of a suspected Chinese state-linked hacker being brought to American custody.
Once in U.S. custody, Xu will face federal charges related to the cyberattacks. The prosecution is expected to detail the scope of the breaches and the stolen information.
This development comes as the U.S. government has increased efforts to identify and prosecute individuals involved in state-sponsored hacking operations. The Department of Justice and the FBI have prioritized cases involving cyberattacks on critical infrastructure and theft of sensitive research.
Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.
Security firm Intruder has developed an AI-powered system that automatically identifies previously unknown software vulnerabilities by combining code analysis with large language models. The tool already discovered and exploited a WordPress plugin zero-day.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.