Chinese hackers vulnerable to US arrest if they travel, FBI official says
Protection that Chinese hackers receive inside China "does not extend the moment you cross a border," said FBI Assistant Director Brett Leatherman.
· CNA · JoinRead a summary of this article on FAST.
Get bite-sized news via a new
cards interface. Give it a try.
Click here to return to FAST Tap here to return to FAST
FAST
DETROIT: The Chinese government’s hiring of hackers has “gotten out of control” and provides cyber criminals with “a form of plausible deniability,” a senior FBI official said on Thursday (Apr 30), warning that Chinese hackers can be arrested when they travel outside their home country.
FBI Assistant Director Brett Leatherman’s comments come days after the extradition of Chinese national Xu Zewei, 34, to the US from Italy on allegations he participated in widespread hacking campaigns in 2020 and 2021 at the direction of the Chinese government while working for a Chinese contractor.
Xu was arrested in Milan in July 2025 and was sent to the US after an Italian court ruling allowed the extradition.
Protection that Chinese hackers receive inside China "does not extend the moment you cross a border," Leatherman said.
Liu Pengyu, spokesperson for the Chinese embassy in Washington, said that the US government "fabricated this politically motivated case, which violates the personal freedom and lawful rights and interests of the Chinese national."
The charges against Xu are "unwarranted and aimed at vilifying China," the spokesperson said.
Xu, along with several co-conspirators, hacked US-based universities, immunologists and virologists conducting research into COVID-19 vaccines, treatment and testing, the Department of Justice said on Apr 27.
Xu and others reported the hacking to the Chinese Ministry of State Security’s Shanghai State Security Bureau, an intelligence agency within the Chinese government, according to the DOJ. An officer within the bureau then directed Xu to target specific email accounts belonging to virologists and immunologists.
Xu and others were also responsible for exploiting vulnerabilities in the Microsoft Exchange Server email programme as part of a widespread hacking campaign tracked publicly as “Hafnium,” according to the DOJ.
A senior DOJ official told reporters on Thursday that the Hafnium campaign included targeting law firms, with the hackers searching for information about US policymakers and government agencies.
Lawyers listed as representing Xu did not immediately respond to a request for comment.
Sign up for our newsletters
Get our pick of top stories and thought-provoking articles in your inbox
Get the CNA app
Stay updated with notifications for breaking news and our best stories
Get WhatsApp alerts
Join our channel for the top reads for the day on your preferred chat app