Peter Williams, an Australian national and a former general manager at U.S. defense contractor L3Harris Trenchant, has pleaded guilty in U.S. District Court to stealing and selling confidential cybersecurity information to a Russian vulnerability exploit broker.
The illegal activity took place between 2022 and 2025, when Williams stole at least eight protected exploit components from Trenchant intended for the exclusive use of the U.S. government and select allies, and sold them to a broker that, among other clients, works with the Russian government.
"The material, stolen over a three-year period from the U.S. defense contractor where he worked, was comprised of national-security focused software that included at least eight sensitive and protected cyber-exploit components," reads the U.S. Department of Justice announcement.
"Those components were meant to be sold exclusively to the U.S. government and select allies. Williams sold the trade secrets to a Russian cyber-tools broker that publicly advertises itself as a reseller of cyber exploits to various customers, including the Russian government."
Trenchant is a cyber-capabilities business unit within L3Harris Technologies that conducts vulnerability and exploit research and develops offensive/defensive tools used by governments, intelligence, and defense agencies within the "Five Eyes" alliance.
The DOJ says Williams abused his position and high-level access at Trenchant Systems to steal $35 million in cyber trade secrets. He sold them to the unnamed broker for $1,300,000 in cryptocurrency.
"By doing so, he gave Russian cyber actors an advantage in their massive campaign to victimize U.S. citizens and businesses," commented the FBI's Assistant Director at Counterintelligence Division, Roman Rozhavsky.
Williams even signed contracts with the Russian broker for both the initial sale of the tools and the fees for ongoing support of their use.
Although the U.S. DoJ stops short of naming the broker, previous media reporting suggests it's Operation Zero, a Russian-based zero-day purchase platform that offers massive payouts for zero-click RCEs on widely used mobile tools and OSes.
BleepingComputer contacted Operation Zero for a statement on these unconfirmed reports, but we are still waiting for their response.
... continue reading