A Chinese national accused of hacking U.S. COVID-19 research systems was extradited from Italy on Friday, April 25, 2026, to face federal charges. The FBI links the case to China’s intelligence services and the global HAFNIUM cyber campaign.

Chinese hacker extradited from Italy to face U.S. charges in COVID-19 cyber case as federal authorities confirmed that a previously scrutinized trip to Italy in early 2026 helped facilitate the arrest of a Chinese national accused of hacking U.S. pandemic research systems. Kash Patel said the suspect, Xu Zewei, is now in U.S. custody following a coordinated law enforcement operation with Italian authorities, marking a rare instance of an alleged state-linked hacker being extradited to the United States.

Xu was extradited from Italy in recent days and faces federal charges tied to a 2020–2021 cyber campaign targeting sensitive COVID-19 research, including vaccine and treatment development. Patel said investigators were able to directly connect Xu to China’s Ministry of State Security, including its Shanghai bureau, though some details remain classified. The operation was carried out in close coordination with Italian officials, led by National Police Prefect Vittorio Pisani, within a limited legal window to ensure the extradition proceeded without delay.

According to Patel, officials worked to ensure the suspect remained in Italy long enough for the arrest to occur. He said the same Italy trip that drew criticism due to attendance at Olympic events also played a key role in advancing the case. Xu was described as a top cyber operative allegedly involved in targeting U.S. universities and researchers during the height of the COVID-19 pandemic.

Federal prosecutors allege Xu infiltrated a U.S. research university in 2020 and accessed accounts belonging to virologists and immunologists studying the virus. Investigators say he was part of the broader HAFNIUM hacking campaign, which exploited Microsoft Exchange Server vulnerabilities and affected thousands of systems globally, including more than 12,000 in the United States. Among the targets was a Washington-based law firm where attackers allegedly searched emails linked to policymakers and government agencies.

Officials also said there were recent attempts by Chinese authorities to block the extradition. Xu’s alleged co-conspirator remains at large. Patel emphasized that countering Chinese cyber espionage remains a central priority, noting ongoing efforts to disrupt attempts to access U.S. scientific research and sensitive data.