Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
US authorities seek extradition of alleged hacker linked to Silk Typhoon, responsible for a string of US attacks.
A 33-year-old Chinese national was arrested by Italian police last week, as the United States Justice Department seeks the individual’s extradition for his alleged role in an attempt to steal COVID-19 research.
Authorities allege Xu Zewei has links to the People’s Republic of China-sponsored hacking group, Silk Typhoon, also known as Hafnium.
Xu is facing nine charges related to an alleged cyber espionage campaign that ran between February 2020 and June 2021.
“The indictment alleges that Xu was hacking and stealing crucial COVID-19 research at the behest of the Chinese government while that same government was simultaneously withholding information about the virus and its origins,” Nicholas Ganjei, US attorney for the Southern District of Texas, said in an 8 July statement.
“The Southern District of Texas has been waiting years to bring Xu to justice, and that day is nearly at hand. As this case shows, even if it takes years, we will track hackers down and make them answer for their crimes. The United States does not forget.”
Silk Typhoon is thought to have links to the PRC’s Ministry of State Security’s Shanghai State Security Bureau, which the US alleges targeted virologists and immunologists involved in COVID-19 research at several US universities. The attacks exploited vulnerabilities in Microsoft Exchange servers to install web shells, allowing access to and monitoring of specific email accounts of COVID-19 researchers.
John Hultquist, chief analyst at the Google Threat Intelligence Group, said the arrest is more than simply symbolic.
“This arrest caps off over a decade of indictments and other law enforcement efforts that were usually recognised as symbolic. It has been generally accepted that these actors would never see the inside of a courtroom. This is a good reminder that patience can be rewarded,” Hultquist said.
“Unfortunately, the impact of this arrest won’t be felt immediately. There are several teams composed of dozens of operators who are going to continue to carry out cyber espionage. Government sponsors are not going to be deterred.
“The arrest is unlikely to bring operations to a halt or even significantly slow them, but it may give some of these talented young hackers a reason to think twice before getting involved in this work.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
