Chinese citizen Xu Zewei, 34, was extradited to the United States after being arrested in Italy in July 2025. He is accused of belonging to Silk Typhoon, a hacker group sponsored by the Chinese state. Between 2020 and 2021, he allegedly attacked government agencies and COVID-19 research centers in the U.S., adding gravity to the case.
Silk Typhoon's modus operandi in critical infrastructure 🛡️
According to the indictment, Xu used spear-phishing techniques and exploitation of vulnerabilities in email systems to infiltrate university and laboratory networks. Once inside, he deployed persistent backdoors to extract data on treatments and vaccines. The attacks took advantage of weak configurations on VPN servers and a lack of patches in legacy systems, allowing lateral movement between government and private networks for over a year.
Hacker with jet lag: from Rome to the courtroom ✈️
Xu must be thinking that the trip to Italy was not a good idea for a vacation. He went from enjoying la dolce vita to experiencing the U.S. judicial system firsthand, all for not updating the firmware of his attack tools. That said, at least now he will have time to reflect on how cyber espionage can ruin even the best European getaways.