Italy Extradites Chinese Hacker Xu Zewei to the U.S. for COVID-19 Research Theft

Italy Extradites Chinese Hacker Xu Zewei to the U.S. for COVID-19 Research Theft

First seen 26 Apr 2026, 18:19 UTC BloombergUk.News.YahooGlobalbankingandfinanceStraitstimesDevdiscourse+36 88% similarity 74.0

Article Content

Browse articles
ThreatCluster

Xu Zewei, a 33-year-old Chinese national, was extradited from Italy to the United States on April 27, 2026, following his arrest in Milan on July 3, 2025. He is accused of participating in cyberattacks directed by the Chinese government, specifically targeting U.S. universities to steal COVID-19 research between February 2020 and June 2021. The U.S. Department of Justice has charged him with wire fraud, aggravated identity theft, and conspiracy related to a hacking campaign attributed to the Hafnium group. This group exploited vulnerabilities in Microsoft Exchange servers, affecting over 60,000 entities and successfully compromising more than 12,700. Xu's extradition comes after an Italian court ruled in favor of the U.S. request earlier in April 2026. The Chinese government has condemned the extradition, claiming it is politically motivated. Xu maintains his innocence, asserting he is a victim of mistaken identity.

Key Points: • Xu Zewei was extradited to the U.S. on charges related to COVID-19 research theft. • He is accused of being part of the Hafnium hacking group that targeted over 60,000 entities. • The Chinese government opposes the extradition, labeling the charges as politically motivated.

ThreatCluster AI

Timeline

2020-02-01
Xu allegedly began targeting U.S. universities for COVID-19 research.
2021-03-01
Hafnium group exploited vulnerabilities in Microsoft Exchange servers.
2025-07-03
Xu Zewei arrested in Milan at the request of U.S. authorities.
2026-04-16
Italian court ruled in favor of Xu's extradition to the U.S.
2026-04-27
Xu Zewei extradited to the United States.

Community

Browse all →