A former employee of U.S. defense contractor L3Harris has been sentenced to more than seven years in federal prison after admitting to selling eight highly sensitive zero-day exploits to a Russian exploit brokerage firm in exchange for millions in cryptocurrency.
Peter Williams, 39, an Australian national, pleaded guilty in October 2025 to two counts of theft of trade secrets. In addition to his prison sentence, the court ordered three years of supervised release under strict conditions and the forfeiture of assets purchased with illicit proceeds. Authorities seized properties, luxury watches, jewelry, and designer clothing acquired using cryptocurrency payments tied to the illegal sales.
Millions in Cryptocurrency for Stolen Cyber Weapons
According to prosecutors, Williams sold the stolen exploit tools for as much as 4 million dollars in cryptocurrency. The zero-day components were taken over a three-year period between 2022 and 2025.
These exploits were reportedly developed exclusively for use by the United States government and selected allies. Officials stated that the tools could have been deployed against civilian or military targets worldwide, enabling cyber fraud, ransomware attacks, espionage operations, and offensive military cyber campaigns.
Investigators estimate the financial damage to L3Harris at approximately 35 million dollars.
Ties to Operation Zero
The stolen exploits were sold to Operation Zero, also known as Matrix LLC, a Russia linked exploit broker known for offering multimillion dollar bounties for high value vulnerabilities.
Operation Zero has publicly advertised rewards of up to 4 million dollars for Telegram exploits and as much as 20 million dollars for tools capable of compromising Android and iPhone devices. The firm has been active since at least 2021 and is believed to recruit hackers through online channels to support its activities.
U.S. authorities allege that the broker resold at least some of the acquired tools to unauthorized buyers, potentially including entities connected to the Russian government.
Sanctions and International Fallout
In response to the case, the U.S. State Department designated Operation Zero and its director, Sergey Sergeyevich Zelenyuk, under the Protecting American Intellectual Property Act. Zelenyuk, a Russian national, also established Special Technology Services LLC FZ in the United Arab Emirates, reportedly to facilitate business dealings across Asia and the Middle East and circumvent U.S. sanctions.
The U.S. Department of the Treasury’s Office of Foreign Assets Control imposed sanctions on Zelenyuk, Operation Zero, Special Technology Services LLC FZ, and additional associated individuals and entities for their role in acquiring and distributing cyber tools considered harmful to U.S. national security.
Officials stated that Operation Zero has claimed it only sells exploits to customers in non NATO countries, but investigators believe the broker has sought to build relationships with foreign intelligence agencies and expand into spyware development and AI related data extraction systems.
National Security Implications
Federal authorities described Williams’ actions as a serious breach of trust. Prosecutors emphasized that the stolen cyber capabilities were designed to strengthen national defense but instead were transferred to a foreign adversarial network.
The case highlights escalating risks surrounding the global zero-day exploit market, where highly advanced vulnerabilities can command multimillion dollar payouts and potentially reshape cyber conflict dynamics.
Security analysts warn that insider threats within defense contractors remain a significant vulnerability, particularly as exploit development becomes increasingly valuable in geopolitical cyber operations.
Found this article interesting? Follow us on X (Twitter) , Facebook, Blue sky and LinkedIn to read more exclusive content we post.
