Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker
Source: The Hacker News
Ravie Lakshmanan
Feb 25 2026 – Zero Day / National Security
A 39‑year‑old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero‑day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars.
Peter Williams pleaded guilty to two counts of theft of trade secrets in October 2025. In addition to the jail term, Williams has been ordered to serve three years of supervised release with special conditions and to forfeit illicit proceeds—including properties, clothing, jewelry, and luxury watches—purchased with the cryptocurrency payments he received for the exploits.
The case’s connection to Operation Zero was disclosed by cybersecurity journalist Kim Zetter late last year. The nature of the exploits is presently unclear, but a sentencing memorandum published earlier this month revealed that the tools could have been “used against any manner of victim, civilian or military around the world, and engage in all manner of crime from cyber fraud, theft, and ransomware, to state‑directed spying and offensive cyber operations against military targets.”
“Williams exploited his senior role at a U.S. defense contractor to enrich himself at the expense of the United States and his employer,” said Assistant Attorney General for National Security John A. Eisenberg. “The tools he compromised were intended to protect this Nation; instead, he auctioned them off to a Russian bidder.”
According to U.S. Attorney Jeanine Pirro for the District of Columbia, Williams sold the trade secrets for up to $4 million in cryptocurrency. The exploit tools could have allowed Russia to access millions of digital devices.
- The theft of eight cyber‑exploit components took place over three years (2022 – 2025).
- The zero‑day exploits were designed to be sold exclusively to the U.S. government and select allies.
- The actions are estimated to have cost L3Harris $35 million in financial losses.
The U.S. State Department announced the designations of Operation Zero (aka Matrix LLC), along with Sergey Sergeyevich Zelenyuk and Special Technology Services LLC FZ (STS), under the Protecting American Intellectual Property Act (PAIPA) in connection with the trade‑secret theft.
Zelenyuk is a Russian national, director and owner of Operation Zero. He also established STS in the United Arab Emirates to conduct business with various Asian and Middle‑Eastern countries, likely to circumvent U.S. sanctions on Russian bank accounts.
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) also sanctioned Zelenyuk, Operation Zero, STS, and four other associated individuals and entities for acquiring and distributing cyber tools harmful to U.S. national security. According to the Treasury, Operation Zero sold the tools acquired from Williams to at least one unauthorized user.
Operation Zero has offered up to $4 million in bounties for Telegram exploits and $20 million for tools that could break into Android and iPhone devices. The broker is believed to have recruited hackers to support its activities and to develop business relationships with foreign intelligence agencies through social media. It has been active since at least 2021.
“Zelenyuk and Operation Zero have stated that they will only sell the exploits they acquire to customers from non‑NATO countries. Zelenyuk, through Operation Zero, has sought to sell exploits to foreign intelligence agencies,” the Treasury Department said.
“Zelenyuk and Operation Zero have also sought to develop other cyber‑intelligence systems, including spyware and methods to extract personal identifying information and other sensitive data uploaded by users of artificial‑intelligence applications like large language models.”
Other Sanctioned Individuals and Entities
- (List to be inserted as provided in the original source)
Marina Evgenyevna Vasanovich, Zelenyuk’s assistant
- Azizjon Makhmudovich Mamashoyev and Oleg Vyacheslavovich Kucherov, for having had work relationships with Operation Zero (Kucherov is also suspected of being a member of the TrickBot cybercrime gang).
- Advance Security Solutions, an exploit‑brokerage firm created by Mamashoyev that offers bounties for exploits targeting U.S.-built software.
“Peter Williams stole a U.S. defense contractor’s trade secrets about highly sensitive cyber capabilities and sold them to a broker whose clients include the Russian government, putting our national security and countless potential victims at risk,” said Assistant Director Roman Rozhavsky of the Federal Bureau of Investigation’s (FBI) Counterintelligence and Espionage Division.
“Let this be a clear warning to all who consider placing greed over country: if you betray your position of trust and sell sensitive American technology to our foreign adversaries, the FBI will not rest until you’re brought to justice.”
Found this article interesting? Follow us for more exclusive content: