A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero-day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars.
Peter Williams pleaded guilty to two counts of theft of trade secrets in October 2025. In addition to the jail term, Williams has been ordered to serve three years of supervised release with special conditions, as well as forfeit illicit proceeds, including properties, clothing, jewelry, and luxury watches, purchased from the cryptocurrency payments he received in return for selling the exploits.
The case’s connection to Operation Zero was disclosed by cybersecurity journalist Kim Zetter late last year. The nature of the exploits are presently unclear. But a sentencing memorandum published earlier this month revealed that the tools could have been “used against any manner of victim, civilian or military around the world, and engage in all manner of crime from cyber fraud, theft, and ransomware, to state directed spying and offensive cyber operations against military targets.”
“Williams exploited his senior role at a U.S. defense contractor to enrich himself at the expense of the United States and his employer,” said Assistant Attorney General for National Security John A. Eisenberg. “The tools he compromised were intended to protect this Nation; instead, he auctioned them off to a Russian bidder.”
According to U.S. Attorney Jeanine Pirro for the District of Columbia, Williams sold the trade secrets for up to $4 million in cryptocurrency. The exploit tools could have allowed Russia to access millions of digital devices, Pirro added.
The theft of eight cyber-exploit components took place over a period of three years between 2022 and 2025. The zero-day exploits are designed to be sold exclusively to the U.S. government and select allies. The actions are estimated to have incurred L3Harris $35 million in financial losses.
The U.S. State Department, in tandem, announced the designations of Operation Zero (aka Matrix LLC), along with Sergey Sergeyevich Zelenyuk and Special Technology Services LLC FZ (STS), under the Protecting American Intellectual Property Act (PAIPA) in connection with the trade secret theft.
Zelenyuk is a Russian national and the director and owner of Operation Zero. He also established STS in the U.A.E. to conduct business with various countries in Asia and the Middle East and likely get around U.S. sanctions imposed on Russian bank accounts.
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) also sanctioned Zelenyuk, Operation Zero, STS, and four other associated individuals and entities for acquiring and distributing cyber tools harmful to U.S. national security. According to the Treasury, Operation Zero is said to have sold the tools acquired from Williams to at least one unauthorized user.
Operation Zero has offered up to $4 million in bounties for Telegram exploits and $20 million for tools that could be used to break into Android and iPhone devices. The exploit broker is believed to have engaged in efforts to recruit hackers to support its activities and develop business relationships with foreign intelligence agencies through social media. It’s been active since at least 2021.
“Zelenyuk and Operation Zero have stated that they will only sell the exploits they acquire to customers from non-NATO countries. Zelenyuk, through Operation Zero, has sought to sell exploits to foreign intelligence agencies,” the Treasury Department said.
“Zelenyuk and Operation Zero have also sought to develop other cyber intelligence systems, including spyware and methods to extract personal identifying information and other sensitive data uploaded by users of artificial intelligence applications like large language models.”
The names of the other sanctioned individuals and entities are listed below –
- Marina Evgenyevna Vasanovich, Zelenyuk’s assistant
- Azizjon Makhmudovich Mamashoyev and Oleg Vyacheslavovich Kucherov, for having had work relationships with Operation Zero (Kucherov is also suspected of being a member of the TrickBot cybercrime gang)
- Advance Security Solutions, an exploit brokerage firm created by Mamashoyev that offers bounties for exploits for U.S.-built software
“Peter Williams stole a U.S. defense contractor’s trade secrets about highly sensitive cyber capabilities and sold them to a broker whose clients include the Russian government, putting our national security and countless potential victims at risk,” said Assistant Director Roman Rozhavsky of the Federal Bureau of Investigation’s (FBI) Counterintelligence and Espionage Division.
“Let this be a clear warning to all who consider placing greed over country: if you betray your position of trust and sell sensitive American technology to our foreign adversaries, the FBI will not rest until you’re brought to justice.”
