Chinese Hacker Arrested ⁤in Italy for Massive Cyberattacks Targeting US Institutions

A Chinese national has been arrested in Italy and charged in the United States with ⁤multiple counts of computer fraud and abuse related to a sprawling,state-sponsored hacking campaign targeting American universities,research institutions,and⁤ a prominent law firm.The arrest, announced Tuesday, ⁢marks a rare victory for U.S. law enforcement in pursuing individuals linked to China’s Ministry of State‍ Security (MSS).

Years-Long Hacking Campaign Uncovered

The Justice Department⁤ alleges that Guozhong Xu, along with unnamed co-conspirators, participated‍ in the “HAFNIUM” ⁢hacking group – also known as ⁤Silk Typhoon ⁣- responsible for exploiting vulnerabilities in Microsoft Exchange Server software between⁤ February 2020 and June ⁣2021.⁣ This ⁣campaign allowed hackers to install malicious code, known as webshells,⁣ granting them remote access to compromised computer⁢ systems.

According to the blank”>indictment, xu received specific⁤ targets and instructions from ⁣handlers within the⁤ MSS’s State Security Bureau. His mission: to hack into systems and ⁢steal designated information.

Targets Included COVID-19 Research and Sensitive Legal Data

The victims of the HAFNIUM campaign included:

Two Universities in⁢ Texas: ⁣ One was targeted generally, while the othre ⁤was specifically involved in cutting-edge research into COVID-19 vaccines, treatments, and ⁢testing.
A University in North Carolina: Also engaged in critical COVID-19 research.
* A⁢ Washington, D.C. Law Firm: Targeted for confidential information ‍pertaining to its clients, including U.S. policymakers and government agencies.

U.S. Attorney Nicholas Ganjei for the Southern⁣ District of Texas⁢ revealed during a blank”>press conference that Xu successfully exfiltrated “gigabits” of COVID-19 research data back to China. The law ⁣firm was targeted to gain access to sensitive information about its high-profile clientele.

A Rare Arrest in a Difficult Landscape

“Even though the Chinese state-sponsored hackers are,from time to time,indicted by the Department of justice,it is indeed exceedingly rare — indeed it⁢ is virtually unheard of — ⁤to actually ⁣get your hands on⁢ them,” Ganjei stated. The arrest⁢ represents a notable breakthrough, achieved after⁤ years of patient surveillance.

U.S. authorities waited for‍ Xu to travel outside of ⁤China, and he was apprehended by italian authorities upon landing in Milan last week. He is now awaiting extradition to the United States. Another suspect, zhang, remains at large.

Broader Crackdown on Chinese Intelligence Operations

This arrest is the latest in⁢ a series of⁣ U.S. law enforcement actions targeting Chinese nationals ⁤allegedly working on behalf of the MSS. Just over a week prior, the Justice Department charged ‍ two⁣ other Chinese nationals with spying on the U.S.Navy and attempting to recruit assets within the U.S. military.

Beyond Computer Hacking: Targeting Innovation and Justice

Ganjei emphasized that the alleged crimes extend beyond simply hacking computers. He characterized them as attacks ⁣on “American scientific innovation” and the “American system⁣ of justice.”

“Although, the conduct in this case took place ⁢several years ago, we never lost sight of our goal to ⁢bring the perpetrators of these cyber intrusions to justice. Now, at‍ least, some of that story can be told,” he concluded. The case underscores the ongoing threat posed by state-sponsored cyberattacks and the U.S. government’s commitment to holding perpetrators accountable, even across international borders.