A Chinese national accused by the United States of being a member of a state-sponsored hacking group has been arrested in Italy.
The suspect, 33-year-old Xu Zewei, has been charged on 9 counts alongside another Chinese national, 44-year-old Zhang Yu, who remains at large.
The US Justice Department says Xu and Zhang are part of the group tracked as Silk Typhoon (previously Hafnium under Microsoft's prior naming convention). Silk Typhoon is a Chinese threat actor best known for the 2024 attack on the US Treasury Department, as well as for targeting the global IT supply chain.
According to Microsoft, Silk Typhoon has been known to target healthcare, legal services, higher education, defense, and non-governmental organizations in the US, Australia, Japan and Vietnam.
The Justice Department has charged Xu and Zhang over cyberattacks carried out between February 2020 and June 2021 on behalf of China's Ministry of State Security (MSS) intelligence and security service. Authorities say Xu had worked at a company named Shanghai Powerock Network, which is known for enabling China's hacking operations.
Specifically, Xu and others are accused of targeting, in early 2020, COVID-19 research conducted by universities in the United States. The man allegedly targeted virologists and immunologists, including ones working at universities in Texas, with authorities claiming that Xu had reported to his superiors on hacking into the email accounts of researchers.
Xu and his co-conspirators are also accused of exploiting Microsoft Exchange zero-days in late 2020 and early 2021, until Microsoft released patches. These exploits enabled Silk Typhoon hackers to gain access to Exchange servers and steal emails and other valuable information from a university and a law firm.
Investigators appear to have obtained Xu's communications, as the accusations brought against the Chinese national mention several messages exchanged with his superiors.
Xu faces wire fraud, computer hacking, and identity theft charges. He could be sentenced to between two and 20 years in prison for each count.
Xu was arrested in Italy on July 3. Italian publication ANSA reported that the suspect, who works as an IT manager at a Chinese company, had come to Italy on vacation with his wife.
In his first court appearance in Italy, the man denied the accusations, claiming that someone might have stolen his identity. Italian authorities must decide whether to approve his extradition to the US.
John Hultquist, chief analyst of Google's Threat Intelligence Group, which tracks Silk Typhoon as UNC5221, told SecurityWeek that the impact of one hacker's arrest will not be felt immediately.
"There are multiple teams composed of dozens of operators who are going to continue to carry out cyberespionage. Government sponsors are not going to be deterred. The arrest is unlikely to bring operations to a halt or even significantly slow them, but it may give some of these talented young hackers a reason to think twice before getting involved in this work," Hultquist said.
Related: China's Salt Typhoon Hackers Target Canadian Telecom Firms
Related: China Admitted to Volt Typhoon Cyberattacks on US Critical Infrastructure