Chinese state-sponsored contract hacker arrested in Italy at U.S. request, DOJ says
WASHINGTON — The U.S. Department of Justice said on Tuesday that a Chinese state-sponsored contract hacker was arrested last week in Italy at the request of Washington, but the arrested man claimed he is a victim of mistaken identity.
Xu Zewei, 33, was arrested on July 3, the Justice Department said, adding a nine-count indictment was unsealed on Tuesday in the Southern District of Texas alleging the involvement of that individual and a co-defendant in computer intrusions between February 2020 and June 2021.
Xu was arrested in Milan, Italy, and will face extradition proceedings, the DOJ said in a statement.
It alleged China’s ministry of state security had directed theft of Covid-19 research and the exploitation of Microsoft MSFT.O email software vulnerabilities.
The Chinese government has previously denied allegations of being involved. Liu Pengyu, a spokesperson for China’s embassy in Washington, said on Tuesday that China opposes all forms of cyber crimes, adding that “China has neither the need nor the intention to acquire vaccines through so-called theft.”
Xu’s lawyer said on Tuesday that he is a victim of mistaken identity, that his surname is quite common in China and that his mobile phone had been stolen in 2020.
The 33-year-old IT manager at a Shanghai company appeared on Tuesday before an appeals court in Milan, which will decide whether to send him to the United States. The man was arrested last week after he arrived at Milan’s Malpensa airport for a holiday in Italy with his wife.
U.S. authorities allege that he was part of a team of hackers who tried to access a Covid-19 vaccine being developed by the University of Texas in 2020.
The DOJ also said that in 2021, he was part of a cyber-espionage group known as Hafnium, which has alleged ties to the Chinese government and which “exploited zero-day vulnerabilities in U.S. systems to steal additional research.”
Hafnium targeted over 60,000 U.S. entities, according to the DOJ.
The charges listed on the arrest warrant were wire fraud and aggravated identity theft, conspiracy to commit wire fraud and unauthorized access to protected computers.