DOJ says Trenchant boss sold exploits to Russian broker capable of accessing ‘millions of computers and devices’
Source: TechCrunch
Former L3Harris Executive Pleads Guilty to Selling Zero‑Day Exploits
The former boss of a U.S. maker of hacking and surveillance tools stole and sold technology that can compromise millions of computers worldwide, U.S. prosecutors confirmed for the first time.
In October, Australian national Peter Williams, 39, pleaded guilty to selling eight hacking tools that he stole from his employer Trenchant, a division of the U.S. defense contractor L3Harris. Trenchant supplies surveillance‑enabling tools to the U.S. government and its closest allies. Williams admitted to earning more than $1.3 million in cryptocurrency from the sales between 2022 and 2025, according to the Justice Department.
“Williams’ actions directly harmed the U.S. intelligence community by selling the hacking tools to a Russian company, which counts the Russian government among its customers,” a federal court document released on Tuesday reads.
While it was known that Williams sold Trenchant’s exploits—software that leverages vulnerabilities to gain unauthorized access—prosecutors now say the eight tools could have been used to enable indiscriminate government surveillance, cybercrime, and ransomware attacks worldwide.
The disclosure comes ahead of Williams’ sentencing, scheduled for February 24 in a Washington, D.C., federal court. In its sentencing memorandum, the Justice Department warned that the exploits could have allowed the Russian broker and its customers to “potentially access millions of computers and devices around the world, including in the United States.”
Prosecutors’ sentencing request
- Prison: 9 years
- Supervised release: 3 years
- Restitution: $35 million (mandatory)
- Maximum fine: $250,000
Williams is expected to be deported to Australia after serving his sentence.
Contact
If you have more information about this case—or about other zero‑day and surveillance‑tech makers—please reach out securely:
- Signal: +1 917 257 1382 (Lorenzo Franceschi‑Bicchierai)
- Telegram / Keybase / Wire:
@lorenzofb - Email: lorenzo@techcrunch.com
Williams’ Statement
In a letter submitted to the judge, Williams expressed remorse:
“I made choices that directly violated the values I believed in and the trust placed in me by my family, colleagues, and friends. I recognize now that I allowed myself to ignore my obligations and my training, and I failed to seek help or guidance when I knew I was moving in the wrong direction.”
Legal Defense
Williams’ attorney, John P. Rowley, argued that none of the stolen tools were classified and that there is no evidence Williams knew they would end up in the hands of the Russian government or any other foreign entity. Rowley maintained that Williams did not intend to harm the United States or his native Australia, though he now acknowledges that such consequences resulted from his actions.
When contacted, Justice Department spokesperson Pierson Furnish declined to comment. Rowley did not respond to a request for comment.
Event Reference
TechCrunch Event – Boston, MA – June 23, 2026
From Scapegoat to Sentencing
During mid‑2025, several sources with knowledge of the offensive‑cybersecurity industry told TechCrunch that someone working for Trenchant had stolen sensitive hacking tools and sold them to an adversary of the United States.
A former Trenchant employee came forward, telling TechCrunch that he had been wrongly fired after the company accused him of stealing and leaking details of some of its exploits.
By October, prosecutors formally accused Williams (also known as “Doogie”), who was Trenchant’s general manager at the time, of being behind the theft. The U.S. government charged him with selling the exploits to a Russian broker in exchange for cryptocurrency.
- FBI contact: Agents were in communication with Williams from late‑2024 until his arrest in mid‑2025, during which he oversaw Trenchant’s internal investigation of the theft.
- Continued sales: Despite the investigation, Williams continued to sell the company’s secrets—technically known as zero‑days—while aware that the FBI was probing the theft.
“[Williams] stood idly by while another employee of the company was essentially blamed for the Defendant’s own conduct,” prosecutors wrote in their sentencing memorandum. “He looked on while an internal corporate investigation falsely cast blame on his subordinate.”
The Scapegoated Employee
Sources told TechCrunch—and prosecutors have since confirmed—that Williams also oversaw the firing of the employee accused of leaking the tools. The fired employee later told TechCrunch that he believed he was a scapegoat for someone else at the company. Weeks after his termination, he received a notification from Apple that he had been targeted with government spyware, a claim that remains unexplained.
“His desire for more money, a better lifestyle, a bigger home, and more jewels and trinkets simply could not be satiated, and he chose to risk it all to betray his company, his colleagues, and the United States and its allies to satisfy that desire,” the prosecutors wrote.
The Russian Broker
On August 6, FBI agents obtained and executed search warrants at Williams’s home. They confronted him with evidence that included:
- Receipts of crypto payments
- The alias he used to interact with the Russian broker
- His contract with the broker
The broker is believed to be Operation Zero, which offers up to $20 million for tools to hack Android devices and iPhones. The company explicitly states that it sells only to the Russian government and local organizations.
- Operation Zero website:
- TechCrunch reference on Operation Zero: Russian zero‑day seller offers $20 M for hacking Android and iPhones
Prosecutors described the unnamed broker as “one of the world’s most nefarious exploit brokers,” noting that Williams chose it because, “by his own admission, they paid the most.”
Company Response
A spokesperson for Trenchant did not respond to a request for comment about Williams or the investigation.
All links are retained from the original text for reference.