Italian police arrested a Chinese national linked to the Silk Typhoon APT group at Milan’s Malpensa Airport on a U.S. warrant.
Italian police arrested a Chinese national, Zewei Xu (33), at Milan’s Malpensa Airport on a U.S. warrant. Xu was arrested on July 3rd after arriving on a flight from China. Authorities accused the man of cyberespionage; U.S. authorities linked him to the China-nexus group Hafnium (aka Silk Typhoon), which carried out attacks against the U.S. government, including the US Treasury.
The man is also accused of 2020 attacks on U.S. COVID-19 vaccine research at the University of Texas.
Xu now faces extradition proceedings in Italy.
“Zewei Xu is wanted by the FBI for allegedly being part of a team of hackers that allegedly carried out espionage operations, particularly in 2020 on anti-COVID vaccines being produced at the University of Texas,” reported Italian news agency ANSA.
“Interior ministry documents said he is also accused of being part of a “large-scale cyber intrusion campaign orchestrated” by the Chinese government known as ‘Hafnium’, which “targeted thousands of computers around the world” to get information on “various U.S. government policies.”
The suspect’s family claims he is an innocent IT technician. His wife opposes his extradition, saying his Italian visa proves no wrongdoing and that he works as an IT manager at Shanghai GTA Semiconductor Ltd, developing systems and networks.
“Both my husband and I do not agree with extradition to the United States,” his wife told the Postal Police after the man’s arrest. “Him getting an entry visa to Italy should be a confirmation that we have not committed crimes, so I cannot understand the reason for my husband’s arrest.”
Italian police seized the documents and the devices of the suspect as requested by the U.S. authorities.
Xu faces charges including wire fraud, ID theft, and unauthorized computer access, carrying up to 20 years in prison. An Italian judge confirmed his arrest, citing flight risk. His lawyer called the accusations “fanciful.”
Pierluigi Paganini
(SecurityAffairs – hacking, Chinese national)