Italy Extradites Alleged Chinese Hacker to US Over Beijing-Backed Cyber Espionage During COVID-19
- Italy has extradited Xu Zewei, a Chinese national, to the United States to face charges involving state-sponsored hacking and the theft of medical research during the COVID-19 pandemic.
- Department of Justice and the FBI allege that Xu, 33, targeted U.S.
- According to court documents, Xu acted under the direction of the Shanghai State Security Bureau (SSSB), a branch of the People's Republic of China's Ministry of State Security...
Italy has extradited Xu Zewei, a Chinese national, to the United States to face charges involving state-sponsored hacking and the theft of medical research during the COVID-19 pandemic. The move follows a ruling by a top Italian court in April 2026 that allowed the extradition of the suspect.
The U.S. Department of Justice and the FBI allege that Xu, 33, targeted U.S. Government entities, research institutes, and universities involved in vaccine research between February 2020 and June 2021. Xu is accused of wire fraud and aggravated identity theft in connection with these computer piracy acts.
State-Sponsored Hacking Operations
According to court documents, Xu acted under the direction of the Shanghai State Security Bureau (SSSB), a branch of the People’s Republic of China’s Ministry of State Security (MSS). The MSS and SSSB are intelligence services responsible for domestic counterintelligence, non-military foreign intelligence, and aspects of political and domestic security in China.

During the period of the intrusions, Xu worked for Shanghai Powerock Network Co. Ltd., a company described by U.S. Authorities as one of several enabling firms in China that conduct hacking operations on behalf of the Chinese government.
Xu is alleged to be a leader of a hacking group known as Hafnium
, which targeted tens of thousands of Microsoft Exchange email servers in 2021. The group exploited flaws in Microsoft Exchange Server software to penetrate entities, including a law firm, to steal information. Microsoft characterized the group as a highly skilled and sophisticated actor
at the time of the intrusions.
Xu is named in a nine-count indictment unsealed in the Southern District of Texas. He is charged alongside a co-defendant, Zhang Yu, a 44-year-old PRC national.
Arrest and Legal Proceedings
Xu was arrested on July 3, 2025, at Milan’s Malpensa airport based on a warrant issued in Texas. Following his arrest, he was held in a prison in Busto Arsizio, near Milan.
Italian police characterized the operation as a result of excellent and well-established cooperation
with the FBI. A person with direct knowledge of the matter confirmed to Reuters that Xu had been flown to the United States by April 27, 2026.
Throughout the legal process, Xu’s legal representation rejected the accusations, with his lawyer claiming that his client had been a victim of mistaken identity.
International Reactions
The extradition has drawn a sharp response from the Chinese government. A spokesperson for China’s Foreign Ministry stated on April 27, 2026, that China opposed the United States fabricating charges through political manipulation
.

China urged Italy to
respect facts and law, immediately correct its mistakeand avoidbecoming an accomplice of the US.China’s Foreign Ministry
U.S. Officials have framed the pursuit of Xu as part of a broader strategy to protect American intellectual property and national security. John A. Eisenberg, Assistant Attorney General for the National Security Division, highlighted the priority of the case.
This arrest underscores the United States’ patient and tireless commitment to pursuing hackers who seek to steal information belonging to U.S. Companies and universities.
John A. Eisenberg, Assistant Attorney General for the National Security Division
