Chinese national arrested in Milan after US issues arrest warrant for Hafnium attacks | The Record from Recorded Future News

“In February 2020, as the world entered a pandemic, Xu Zewei and other cyber actors working on behalf of the Chinese Communist Party (CCP) targeted American universities to steal groundbreaking COVID-19 research. The following year, these same actors, operating as a group publicly known as HAFNIUM, exploited zero-day vulnerabilities in U.S. systems to steal additional research,” said Brett Leatherman, Assistant Director of the FBI’s Cyber Division.

Police in Italy arrested a 33-year-old accused by U.S. officials of being a member of a Chinese state-backed group allegedly responsible for hacking into a Texas university to steal COVID-19 vaccine information. The DOJ claimed Zewei worked for Shanghai Powerock Network when he conducted the cyberattacks, lending further credence to their wider concern that China is using an array of private companies to launch state-backed intrusion campaigns in an effort to provide plausible deniability for the country’s government. The unsealed court documents accused Xu of being part of the team of state-backed hackers that targeted an unnamed Texas university in 2020 to obtain a vaccine for COVID-19. U.S. agencies and researchers have long accused China’s hacking operations of targeting research institutions working on COVID-19 vaccines as much of the world sought solutions to the devastating pandemic that began in 2020.

The Justice Department said Xu was directed to “target and access specific email accounts belonging to virologists and immunologists engaged in COVID-19 research for the research university” on February 22, 2020. “Operating from their safe haven and motivated by profit, this network of private companies and contractors in China cast a wide net to identify vulnerable computers, exploit those computers, and then identify information that it could sell directly or indirectly to the PRC government,” the Justice Department said. Court documents said Xu and other hackers targeted U.S. universities, immunologists and virologists conducting research into COVID-19 vaccines, treatment and testing.

In one breach of a law firm, Xu was ordered to search mailboxes for terms like “Chinese sources,” “MSS” and “HongKong” and other information regarding specific U.S. policy makers and government agencies. The Justice Department filed a warrant for his arrest in the U.S. District Court for the Southern District of Texas in November 2023.

This Cyber News was published on therecord.media. Publication date: Tue, 08 Jul 2025 19:10:19 +0000

