CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Extradition of Chinese National Tied to Silk Typhoon Cyber Espionage Campaign

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

A Chinese national accused of conducting state-sponsored cyber intrusions under the Silk Typhoon (Hafnium) campaign has been extradited to the U.S. to face charges related to espionage activities targeting American organizations and COVID-19 research between February 2020 and June 2021. Xu Zewei, 34, allegedly carried out intrusions under the direction of China’s Ministry of State Security (MSS) while operating through a private contractor, Shanghai Powerock Network Co. Ltd., to obscure state involvement. The campaign leveraged Microsoft Exchange Server vulnerabilities and targeted universities, researchers, and private sector entities, with data exfiltration focused on vaccine research, policy communications, and sensitive intellectual property.

Timeline

  1. 28.04.2026 15:30 1 articles · 1h ago

    Extradition of Silk Typhoon Suspect to U.S. for Cyber Espionage Charges

    Xu Zewei, a 34-year-old Chinese national accused of conducting cyber intrusions under the Silk Typhoon (Hafnium) campaign, was extradited to the U.S. to face charges related to espionage activities targeting American organizations and COVID-19 research between February 2020 and June 2021. Prosecutors allege Xu acted under the direction of China’s Ministry of State Security (MSS) while operating through Shanghai Powerock Network Co. Ltd., a contractor used to obscure state involvement. The intrusions involved exploitation of Microsoft Exchange Server vulnerabilities, with data exfiltration focused on vaccine research, policy communications, and sensitive intellectual property.

    Show sources
    Open in new tab

Information Snippets

  • Xu Zewei, a 34-year-old Chinese national, was extradited to the U.S. to face charges related to cyber espionage activities conducted between February 2020 and June 2021.

    First reported: 28.04.2026 15:30
    1 source, 1 article
    Show sources

  • Xu is accused of targeting U.S. universities and researchers working on COVID-19 science, including accessing a Texas university network to extract emails belonging to virologists and immunologists studying vaccines, treatments, and testing.

    First reported: 28.04.2026 15:30
    1 source, 1 article
    Show sources

  • The intrusions are alleged to have been coordinated with officers from China’s Ministry of State Security (MSS), specifically its Shanghai branch, who directed targeting priorities and received updates on compromised systems.

    First reported: 28.04.2026 15:30
    1 source, 1 article
    Show sources

  • Xu worked through Shanghai Powerock Network Co. Ltd., a contractor involved in a broader ecosystem used to conceal government involvement in cyber operations.

    First reported: 28.04.2026 15:30
    1 source, 1 article
    Show sources

  • The campaign expanded to exploit Microsoft Exchange Server vulnerabilities as part of the Silk Typhoon (Hafnium) campaign, which impacted over 12,700 U.S. organizations and deployed web shells for persistent access and data exfiltration.

    First reported: 28.04.2026 15:30
    1 source, 1 article
    Show sources

  • Attackers searched stolen emails for references to U.S. policymakers and agencies, using terms linked to Chinese intelligence interests, and targeted a global law firm among victims.

    First reported: 28.04.2026 15:30
    1 source, 1 article
    Show sources

  • Xu faces charges including wire fraud, unauthorized access to protected computers, and identity theft, with potential sentences ranging from 2 to 20 years per count. His co-defendant, Zhang Yu, remains at large.

    First reported: 28.04.2026 15:30
    1 source, 1 article
    Show sources

  • The allegations remain unproven, and the defendant is presumed innocent unless found guilty in court.

    First reported: 28.04.2026 15:30
    1 source, 1 article
    Show sources