Hacker who allegedly carried out cyberattacks for China is extradited to U.S.

Apr 27, 2026 · policy · Source ↗

TLDR

Xu Zewei, accused of hacking thousands of U.S. organizations for China’s MSS, has been extradited and is now detained in Houston.

Xu allegedly worked for Shanghai Powerock Network, a contractor that prosecutors say conducted hacking for Beijing’s Ministry of State Security.
Prosecutors say the Hafnium group targeted 60,000+ U.S. entities and successfully breached more than 12,700, including defense contractors, law firms, and think tanks.
Xu and co-conspirator Zhang Yu allegedly targeted U.S. universities in early 2020 to steal COVID-19 research, then hit thousands of Microsoft Exchange servers in 2021.
Xu was arrested in Italy last year; his Italian lawyer confirmed he was extradited Saturday and is held at the Federal Detention Center in Houston.

The extradition is rare: a 2022 case was described by the DOJ as the first time a Chinese government intelligence officer had been extradited to the U.S.
China’s Foreign Ministry opposed the extradition and accused the U.S. of fabricating the case, per the Financial Times.

Lorenzo Franceschi-Bicchierai, TechCrunch · 2026-04-27 · Read the original