When the Department of Justice finally nabbed a Chinese hacker accused of siphoning off America’s most critical COVID-19 research, it exposed just how little respect foreign adversaries have for U.S. secrets—and just how long it takes to get any accountability when our own government is asleep at the wheel.
DOJ Finally Strikes After Years of Chinese Cyber Attacks
Federal law enforcement announced the arrest of Xu Zewei, a Chinese national, in Milan on July 3, 2025, finally unsealing a 2023 indictment that had been sitting quietly on the shelf while American research was ransacked. Xu’s hacking campaign—backed by China’s Ministry of State Security—targeted COVID-19 vaccine and treatment research at U.S. universities in Texas and North Carolina, as well as confidential information at a Washington, D.C. law firm. The campaign ran from February 2020 through June 2021, exploiting Microsoft Exchange vulnerabilities and exposing just how unprepared our institutions were for state-sponsored cyber warfare. While Xu sits in Italian custody awaiting extradition, his alleged co-conspirator Zhang Yu remains at large, presumably enjoying protection back in China, where the long arm of American justice notoriously falls short.
Let’s be honest: this didn’t happen in a vacuum. Chinese cyber espionage has been a thorn in our side for years, but the COVID-19 pandemic sent the thieves into overdrive. The Ministry of State Security, China’s civilian intelligence agency, orchestrated this operation through contractors and private companies, camouflaging their fingerprints and making it harder for American authorities to connect the dots—until now. This is just the latest chapter in a pattern going back at least a decade, with American medical institutions like Houston’s MD Anderson Cancer Center previously hit by similar schemes. How many more secrets have to be stolen before our leaders in Washington wake up to the actual threat?
Hackers Steal, DOJ and FBI Vow Retribution—But Is It Too Little, Too Late?
The details are infuriating: U.S. institutions spent the darkest days of the pandemic racing to develop vaccines and treatments, only to have their breakthroughs lifted by Chinese hackers. The DOJ and FBI have been quick to thump their chests since the arrest. Assistant Attorney General John A. Eisenberg issued stern warnings about holding cybercriminals accountable, and U.S. Attorney Nicholas Ganjei reminded the public about the importance of protecting American research. But for all the tough talk, the reality is this: American universities had their research stolen in real time, and it’s taken years for anyone to be brought into custody. The arrest in Italy is being held up as a win, but the fact remains—our adversaries have already made off with the crown jewels. Anyone want to bet we’ll see real consequences for China’s government? Don’t hold your breath.
The Department of Justice announced earlier this week that a "prolific" Chinese hacker was apprehended on July 3 at the request of the Justice Department on charges of attempting to steal sensitive coronavirus research. Xu Zewei, 33, of the People’s… https://t.co/nRjWabvMdz pic.twitter.com/MR71Ro0qFU
— The Western Journal (@WesternJournalX) July 10, 2025
The extradition process is underway, with Xu likely headed stateside to face the music. Meanwhile, the DOJ continues to chase the HAFNIUM hacking campaign’s loose ends, hoping to catch Zhang Yu. As for the affected universities and research centers, they’re left tightening their cybersecurity on their own dime, facing reputational damage and financial fallout. The message to America’s greatest minds: do ground-breaking research, but don’t expect Uncle Sam to keep it safe from foreign spies.
America’s Secrets Are Open Season—And Our Institutions Are Paying the Price
Short-term, the fallout is predictable: greater scrutiny on Chinese cyber activities, escalating U.S.-China tensions, and a mad scramble to shore up digital defenses at American research institutions. The economic impact is staggering—intellectual property theft robs U.S. companies and universities of their competitive edge, undermining our lead in biotechnology and pharmaceuticals. Socially, trust is eroding between international collaborators. Politically, the case only deepens the chasm between Washington and Beijing, with cybersecurity now front and center in diplomatic relations.
FBI ARRESTS Chinese 'hacker' for 'stealing covid research'
Patel blasts 'CCP's relentless attacks on our institutions'
Vows to hunt down anyone threatening America's 'national security' pic.twitter.com/xO7IC6mo6l
— RT (@RT_com) July 9, 2025
Long-term, the consequences could be even more damaging. International law enforcement cooperation might improve, as shown by the Italian arrest, but the chilling effect on scientific collaboration will linger. American students and researchers from China will face increased suspicion—another cost of the CCP’s espionage addiction. U.S. universities and tech firms will pour more money into cybersecurity, while the Chinese government shrugs off another indictment. The DOJ and FBI may declare victory, but the reality is clear: until America gets serious about defending its secrets and holding foreign adversaries truly accountable, our institutions will remain open season for cyber thieves.