July 8 (UPI) — Italian authorities arrested a Chinese national accused by the United States of working at the direction of Beijing to steal COVID-19 vaccine research from U.S. universities, immunologists and virologists during the early days of the pandemic.
Xu Zewei, 33, of China, was arrested Thursday in Malan. The nine-count indictment charging him and his co-conspirator, 44-year-old Chinese national Zhang Yu, was unsealed Tuesday by the Justice Department as it seeks Xu’s extradition. Zhang remains at large.
The arrest and filing of charges are the latest U.S. law enforcement action targeting Chinese nationals accused of working at the behest of Beijing’s foreign intelligence arm, the Ministry of State Security, in recent months.
According to the indictment, Xu and his coconspirators were involved in the China state-sponsored HAFNIUM hacking campaign — also known as Silk Typhoon — that targeted vulnerabilities in the widely used Microsoft Exchange Server program to gain access to victims’ information from February 2020 to June 2021.
Federal prosecutors said they used the vulnerabilities in the Microsoft program to install code known as webshells on their victims’ computers, gaining remote access to the devices.
The victims were not named in the charging document, but are identified as a university located in the Southern District of Texas and a university based in North Carolina involved in “research into COVID-19 vaccines, treatments and testing,” as well as a second university based in the southern district of Texas and a law firm with offices in Washington, D.C., and elsewhere, including internationally.
During a press conference Tuesday, U.S. Attorney Nicholas Ganjei for the Southern District of Texas said Xu would be assigned targets from his handlers within the Ministry of State Security’s State Security Bureau with instruction to hack their computers and steal specific information.
Once with access to the requested accounts, he copied gigabits of COVID-19 research that he then transferred to China. Ganjei explained the law firm was targeted for the confidential information it had on its clients, specifically that of U.S. policy makers and government agencies.
“Although the Chinese state-sponsored hackers are, on occasion, indicted by the Department of Justice, it is exceedingly rare — indeed it is virtually unheard of — to actually get your hands on them,” he said.
“Since 2023, the United States has waited quietly and patiently for Xu to make a mistake that would put him within the reach of the American Judicial system. And last week, he did just that, traveling from Shanghai to Milan, Italy.”
Ganjei said Italian authorities took him into custody once his plane touched down.
He further described that alleged crimes as those not specifically targeting computers, but targeting “American scientific innovation” and the “American system of justice.”
“Although, the conduct in this case took place several years ago, we never lost sight of our goal to bring the perpetrators of these cyber intrusions to justice. Now, at least, some of that story can be told,” he said.
A little more than a week earlier, the Justice Department charged two Chinese nationals with spying on the U.S. Navy and its bases as well as assisting Beijing with recruiting others within the U.S. military as potential Ministry of State Security asstes.