Chinese national arrested in Milan after US issues arrest warrant for Hafnium attacks | The Record from Recorded Future News

“In February 2020, as the world entered a pandemic, Xu Zewei and other cyber actors working on behalf of the Chinese Communist Party (CCP) targeted American universities to steal groundbreaking COVID-19 research. The following year, these same actors, operating as a group publicly known as HAFNIUM, exploited zero-day vulnerabilities in U.S. systems to steal additional research,” said Brett Leatherman, Assistant Director of the FBI’s Cyber Division.

Police in Italy arrested a 33-year-old accused by U.S. officials of being a member of a Chinese state-backed group allegedly responsible for hacking into a Texas university to steal COVID-19 vaccine information. The DOJ claimed Zewei worked for Shanghai Powerock Network when he conducted the cyberattacks, lending further credence to their wider concern that China is using an array of private companies to launch state-backed intrusion campaigns in an effort to provide plausible deniability for the country’s government.

The unsealed court documents accused Xu of being part of the team of state-backed hackers that targeted an unnamed Texas university in 2020 to obtain a vaccine for COVID-19. U.S. agencies and researchers have long accused China’s hacking operations of targeting research institutions working on COVID-19 vaccines as much of the world sought solutions to the devastating pandemic that began in 2020. The Justice Department said Xu was directed to “target and access specific email accounts belonging to virologists and immunologists engaged in COVID-19 research for the research university” on February 22, 2020.

“Operating from their safe haven and motivated by profit, this network of private companies and contractors in China cast a wide net to identify vulnerable computers, exploit those computers, and then identify information that it could sell directly or indirectly to the PRC government,” the Justice Department said. Court documents said Xu and other hackers targeted U.S. universities, immunologists and virologists conducting research into COVID-19 vaccines, treatment and testing. In one breach of a law firm, Xu was ordered to search mailboxes for terms like “Chinese sources,” “MSS” and “HongKong” and other information regarding specific U.S. policy makers and government agencies. The Justice Department filed a warrant for his arrest in the U.S. District Court for the Southern District of Texas in November 2023.

This Cyber News was published on therecord.media. Publication date: Tue, 08 Jul 2025 19:10:19 +0000

