A man accused of carrying out cyberattacks on behalf of the Chinese government has been extradited to the United States, his lawyer says.
Last year, the U.S. Department of Justice accused Xu Zewei of carrying out a series of cyber attacks as a contractor for China's Ministry of State Security. Prosecutors alleged that Xu and co-conspirator Zhang Yu targeted several U.S. universities in early 2020 to steal research related to the coronavirus pandemic. The two also allegedly hacked thousands of email servers running Microsoft Exchange since early March 2021 as part of a “promiscuous” campaign by the Chinese-backed hacker group known as Hafnium, later known as Silk Typhoon.
Mr. Xu was arrested in Italy last year at the request of U.S. authorities. His Italian lawyer Simona Candido told TechCrunch that Xu was extradited to the United States on Saturday and is currently being held in Houston, Texas.
A man with the same name is being held at a federal detention center in Houston, according to the U.S. Bureau of Prisons website.
Xu's U.S. attorney, Dan Cogdell, was scheduled to appear at a hearing in Houston on Monday, according to court records. Cogdell told TechCrunch he learned of the hearing early Monday.
Angela Dodge, a spokeswoman for the U.S. Attorney's Office for the Southern District of Texas, which is prosecuting Xu's case, acknowledged receiving the email but did not immediately respond to TechCrunch's questions about Xu.
As the Justice Department said when it first announced charges against the accused hackers, Xu allegedly worked for Shanghai Powerlock Network, a Chinese company that prosecutors said “performed hacking” on Beijing's behalf. Xu and other hackers allegedly reported their activities directly to Chinese government officials in Shanghai.
tech crunch event
San Francisco, CA | October 13-15, 2026
Along with Zhang, he was part of the Hafnium group, which allegedly exploited previously undiscovered security flaws in Microsoft Exchange servers to hack into multiple U.S. organizations, including defense contractors, law firms, think tanks, and infectious disease researchers.
Prosecutors say the Hafnium hackers targeted more than 60,000 organizations in the United States and were able to hack more than 12,700 of them.
The Chinese embassy in Washington, D.C., did not respond to a request for comment.
The Financial Times reported that China's Foreign Ministry opposed Xu's extradition and accused the US government of “manufacturing the incident.”
The U.S. government has prosecuted suspected Chinese hackers for years, but many remain at large. In 2022, Yanjun Xu was sentenced to 20 years in prison for hacking crimes in the first case in which a Chinese government agent was extradited to the United States, according to the Department of Justice.
If you buy through links in our articles, we may earn a small commission. This does not affect editorial independence.