Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks
Briefly

A Chinese national, Xu Zewei, has been arrested in Milan for links to the Silk Typhoon hacking group and for conducting cyber attacks against American organizations. He faces nine charges, including wire fraud and identity theft. Xu allegedly participated in cyber intrusions between February 2020 and June 2021, using zero-day vulnerabilities in Microsoft Exchange Server during the Hafnium campaign. He also attempted to penetrate U.S. universities' vaccine research efforts during the COVID-19 pandemic. Xu and a co-defendant are believed to have acted under the direction of the Chinese Ministry of State Security.

Xu and his co-conspirators exploited certain vulnerabilities in Microsoft Exchange Server, a widely used Microsoft product for sending, receiving and storing email messages. Their exploitation of Microsoft Exchange Server was allegedly at the forefront of a massive campaign targeting thousands of computers worldwide and known publicly as 'Hafnium.'

Silk Typhoon, which overlaps with UNC5221, is known for its use of zero-day vulnerabilities and for successfully compromising technology firms in supply chain attacks. The group is said to have targeted over 60,000 U.S. entities, successfully victimizing more than 12,700 in order to steal sensitive information through the Hafnium campaign.

Read at The Hacker News