Hacker who allegedly carried out cyberattacks for China is extradited to U.S.

A man accused of carrying out cyberattacks on behalf of the Chinese government has been extradited to the United States, and faces over a decade in prison if convicted. Last year, the U.S. Justice Department accused Xu Zewei of working as a contractor for the Chinese Ministry of State Security to conduct a series of cyberattacks. Prosecutors alleged Xu and co-conspirator Zhang Yu targeted several U.S. universities in early 2020 to steal research related to the COVID-19 pandemic. The two also allegedly hacked thousands of email servers running Microsoft Exchange beginning March 2021, as part of an “indiscriminate” campaign attributed to a Chinese-backed hacking group known as Hafnium, and later Silk Typhoon. Xu was arrested in Italy last year at the request of U.S. authorities. His lawyer in Italy, Simona Candido, told TechCrunch that Xu was extradited to the United States on Saturday, and that he is now in detention in Houston, Texas. According to the U.S. Bureau of Prison’s website, a man with the same name is in custody at the Federal Detention Center in Houston. After this story was published, the Justice Department announced Xu’s extradition in a press release. Xu’s lawyer in the United States, Dan Cogdell, told TechCrunch that Xu pleaded not guilty to all charges during a court hearing on Monday morning. According to court records, Xu appeared for his initial appearance in federal court and was remanded back into custody. Techcrunch event Meet your next investor or portfolio startup at Disrupt Your next round. Your next hire. Your next breakout opportunity. Find it at TechCrunch Disrupt 2026, where 10,000+ founders, investors, and tech leaders gather for three days of 250+ tactical sessions, powerful introductions, and market-defining innovation. Register now to save up to $410. Meet your next investor or portfolio startup at Disrupt Your next round. Your next hire. Your next breakout opportunity. Find it at TechCrunch Disrupt 2026, where 10,000+ founders, investors, and tech leaders gather for three days of 250+ tactical sessions, powerful introductions, and market-defining innovation. Register now to save up to $410. San Francisco, CA | October 13-15, 2026 REGISTER NOW As the Justice Department said when it initially announced charges against the accused hackers, Xu allegedly worked for Shanghai Powerock Network, a company in China that prosecutors said “conducted hacking” for Beijing. Xu and other hackers allegedly reported their activities directly to Chinese state officials in Shanghai. Along with Zhang, he was part of the Hafnium group that allegedly took advantage of previously undiscovered security flaws in Microsoft Exchange servers with the aim of hacking into several American organizations, including defense contractors, law firms, think tanks, and infectious disease researchers. According to prosecutors, Hafnium hackers targeted more than 60,000 entities in the U.S. and were successful in hacking more than 12,700 of them. The Chinese Embassy in Washington, D.C. did not respond to a request for comment. The Financial Times reported that the Chinese Foreign Ministry opposed Xu’s extradition and accused the U.S. government of “fabricating cases.” For years, the U.S. government has charged suspected Chinese hackers, many of whom remain at large. In 2022, Yanjun Xu was sentenced to 20 years in prison for hacking crimes in what the DOJ said was the first case where a Chinese government intelligence officer had been…

This excerpt is published under fair use for community discussion. Read the full article at TechCrunch.