Ex-L3Harris Exec Jailed for Selling Zero-Days to Russia

Summary
– Peter Williams, former head of the L3Harris unit Trenchant, was sentenced to over seven years in prison for stealing and selling zero-day exploits to a Russian broker.
– Williams, an Australian national, stole at least eight exploit components intended for exclusive U.S. and allied government use between 2022 and 2025.
– He transferred the stolen tools using an external hard drive and sold them to the Russian broker Operation Zero for $1.3 million in cryptocurrency.
– The theft caused an estimated $35 million in losses and could have enabled access to millions of devices worldwide, constituting a national security crime.
– The U.S. court ordered Williams to forfeit $1.3 million and other assets, and the Treasury Department sanctioned the Russian broker Operation Zero.
A former senior executive at a major American defense contractor has been sentenced to over seven years in prison for stealing and selling classified cyber weapons to a Russian intermediary. This case highlights the severe legal and national security consequences of insider threats within the defense industrial base. The individual exploited his high-level access to transfer sensitive zero-day exploits, tools that take advantage of software vulnerabilities unknown to the vendor, ultimately funneling them to a broker with ties to the Russian state.
Peter Williams, a 39-year-old Australian national, previously held the position of general manager at Trenchant. This unit operates under the umbrella of defense giant L3Harris, specializing in creating surveillance technologies and zero-day exploits for U.S. government agencies and allied intelligence partners within the Five Eyes alliance. His role granted him privileged access to some of the company’s most guarded digital assets.
From 2022 through 2025, Williams systematically stole at least eight protected exploit components. These tools were developed strictly for use by the U.S. and its allies. He sold them to a Russian entity known as the Matrix exploit broker, which also operates under the name Operation Zero. This broker publicly markets itself as a supplier of hacking tools to clients outside the NATO alliance, including the Russian government.
To execute the theft, Williams used a simple but effective method: a portable external hard drive. He physically removed data from secure networks at Trenchant offices located in both Sydney, Australia, and Washington, D.C. After extracting the files, he transmitted the stolen cyber tools to the Russian broker using encrypted communication channels, attempting to conceal the illicit transactions.
The financial and strategic damage was significant. Federal prosecutors detailed that the theft resulted in an estimated $35 million in losses for L3Harris. More critically, they emphasized that the stolen exploits had the potential to compromise millions of devices globally, providing a foreign adversary with powerful intrusion capabilities. Williams admitted his guilt in October, confessing to selling the eight zero-day exploits for a sum of $1.3 million paid in cryptocurrency.
This week, U.S. District Court Judge Loren AliKhan delivered the sentence, ordering Williams to serve 87 months in federal prison. The court also mandated the forfeiture of his ill-gotten gains, which include the $1.3 million in cryptocurrency, a house, and an assortment of luxury items purchased with the proceeds.
U.S. Attorney Jeanine Pirro for the District of Columbia underscored the gravity of the crime. “Williams took trade secrets comprised of national security software and sold them. These incredibly powerful tools would have allowed Russia to access millions of digital devices,” she stated. “By betraying a position of trust and selling sensitive American technology, Williams’ crime is not only one of theft, it is a crime of national security. Our nation’s defense capabilities are not commodities to be auctioned off.”
In a coordinated action, the U.S. Treasury Department formally identified the Russian broker as Operation Zero and imposed sanctions against the company and its owner. These measures aim to disrupt its financial operations and global dealings. Requests for comment sent to Operation Zero regarding the sanctions and the case have not yet received a response.
(Source: Bleeping Computer)

