- Chinese national Xu Zewei, indicted in 2023 for his alleged role in stealing COVID-19 research from a Texas university, has been arrested in Italy. The U.S. Justice Department accuses Zewei and another man of acting on behalf of China’s intelligence services to hack into American institutions during the early days of the pandemic.
HOUSTON, TX (TDR) — A Chinese national accused of carrying out cyberattacks on U.S. institutions to steal COVID-19 research has been arrested in Milan, Italy, after nearly a year on the run. Xu Zewei, 33, was indicted in Houston in 2023 along with Zhang Yu, 44, for their alleged roles in a cyber espionage campaign directed by the People’s Republic of China (PRC).
According to the U.S. Department of Justice, Xu and Yu worked for the Shanghai State Security Bureau (SSSB), a regional office of China’s Ministry of State Security (MSS), the country’s primary civilian spy agency. The charges stem from a hacking operation that targeted universities, scientists, and law firms between 2020 and 2021.
Hacking Campaign Tied to COVID-19 Research Theft
“While the world was reeling from a virus that originated in China, the Chinese government plotted to steal U.S. research critical to vaccine development,” said Douglas Williams, Special Agent in Charge of the FBI’s Houston Field Office.
The indictment unsealed by U.S. authorities alleges that Xu and Yu exploited vulnerabilities in Microsoft Exchange Server software, installing malware known as “web shells” that allowed remote access to email systems at a university in Texas and a law firm in Washington, D.C.
“The hacking of these American universities is not just a violation of intellectual property rights, it’s an attack on American scientific innovation,” said U.S. Attorney Nicholas Ganjei. “This is about more than stolen data—this is about national security.”
Among the stolen data were internal communications from virologists and immunologists conducting COVID-19 vaccine research. The information was allegedly passed to Chinese intelligence officers.
Arrest in Italy, Extradition in Process
Xu was apprehended by Italian authorities after arriving in Milan from Shanghai. His arrest was made at the request of the United States, and extradition proceedings are currently underway.
“Since 2023, the United States has waited quietly, patiently for Xu to make a mistake,” Ganjei said. “Last week, he did just that. He now awaits extradition to the United States.”
Zhang Yu remains at large. Authorities are urging anyone with information about his whereabouts to contact the FBI at 1-800-CALL-FBI (1-800-225-5324).
Links to the HAFNIUM Operation
The hacking campaign has been tied to the broader HAFNIUM operation, which Microsoft publicly linked to PRC-sponsored actors in March 2021. In July 2021, a joint statement by the U.S. and allied governments confirmed the involvement of China’s MSS in the attacks on Microsoft’s Exchange Server.
According to the indictment, the hackers targeted over 30,000 organizations globally. In addition to COVID-19 research, Xu and Yu are accused of stealing data about U.S. policymakers and government agencies through their infiltration of the law firm.
Charges and Legal Proceedings
Xu faces nine federal charges, including conspiracy to commit wire fraud, aggravated identity theft, and unauthorized access to protected computers. Prosecutors say these actions violated both national security statutes and intellectual property laws.
Yu, who has yet to be captured, is charged with the same offenses. His continued absence from custody is a point of concern for investigators.
“Even if it takes years, we will track hackers down and make them answer for their crimes,” Ganjei said. “The United States does not forget.”
The ongoing investigation is being led by the FBI’s Houston Field Office with support from international law enforcement partners. The Justice Department has expressed appreciation for Italy’s assistance in securing Xu’s arrest.
Global Implications
Cybersecurity analysts say the case highlights the persistent threat posed by state-sponsored cyber espionage.
“Targeting vaccine research during a global health crisis was a brazen act,” one senior official with knowledge of the case told reporters. “It underscores how vulnerable global institutions are to sophisticated cyber threats.”
The case also raises concerns about the effectiveness of current international laws in deterring cybercrimes backed by sovereign states.