FBI Warns Of Expanding China Hack Network
The Chinese government’s hack for hire ecosystem has expanded beyond control and now provides cyber criminals with plausible deniability, a senior Federal Bureau of Investigation official said on Thursday. The warning highlights growing concerns about the scale and structure of cyber operations linked to China.
Moreover, the official stressed that Chinese hackers face arrest risks once they leave their home country. This statement signals a tougher international stance on cybercrime and reflects efforts to hold individuals accountable beyond national borders.
Extradition Case Highlights Global Reach
The remarks followed the extradition of Xu Zewei, a 34 year old Chinese national, to the United States from Italy. Authorities allege that Xu participated in extensive hacking campaigns during 2020 and 2021 while working for a Chinese contractor and acting under government direction.
Xu was arrested in Milan in July 2025. Subsequently, an Italian court approved his extradition, allowing U.S. authorities to take custody. This development underscores increasing cooperation between countries in tackling cybercrime.
Furthermore, officials emphasised that protections available within China no longer apply once individuals travel abroad. As a result, suspected hackers may face detention and prosecution in foreign jurisdictions.
Targeting Of COVID 19 Research
According to the Department of Justice, Xu and several co conspirators targeted U.S. based universities, immunologists, and virologists. These individuals were involved in research related to COVID 19 vaccines, treatments, and testing.
In addition, the group allegedly reported their hacking activities to the Shanghai State Security Bureau, part of China’s Ministry of State Security. Officials stated that an officer within the bureau directed specific cyber intrusions, including targeting email accounts of researchers.
This coordination suggests a structured link between cyber operatives and state intelligence entities. Consequently, the case raises broader concerns about state backed cyber espionage.
Hafnium Campaign And Broader Targets
The Department of Justice also linked Xu to the exploitation of vulnerabilities in Microsoft Exchange Server. These actions formed part of a large scale hacking campaign publicly known as Hafnium.
Moreover, officials revealed that the campaign extended beyond scientific research targets. Hackers also targeted law firms, searching for sensitive information related to U.S. policymakers and government agencies.
Despite the allegations, responses remain limited. The Chinese Embassy in Washington did not comment, while a Foreign Ministry spokesperson criticised the charges and urged Italy not to support U.S. actions. Meanwhile, legal representatives for Xu have not issued a response.
With inputs from Reuters
