A former senior executive at a US defense contractor has been handed an 87-month jail term after selling zero-day exploits to a Russian broker.

Australian national Peter Williams, 39, is the former general manager of L3Harris cyber-division Trenchant – a company that develops digital surveillance tools for Five Eyes agencies.

In addition to the jail term, he was ordered to serve three years of supervised release with special conditions, to forfeit $1.3m, cryptocurrency, a house, and luxury items including watches and jewelry.

“Williams took trade secrets comprised of national security software and sold them for up to $4m in cryptocurrency. These incredibly powerful tools would have allowed Russia to access millions of digital devices,” said US attorney Jeanine Pirro for the District of Columbia.

“By betraying a position of trust and selling sensitive American technology, Williams’ crime is not only one of theft, it is a crime of national security. Our nation’s defense capabilities are not commodities to be auctioned off.”

Read more on the trade in zero-day exploits: Pall Mall Process to Define Responsible Commercial Cyber Intrusion.

Williams pleaded guilty last October to two counts of theft of trade secrets.

He admitted to stealing eight “cyber-exploit components” over a three-year period and selling them to a Russian broker in exchange for crypto payments. The broker counts the Russian government among its clients.

Williams not only sold the exploits but agreed to provide “follow-on support” for which he was also paid, according to the Justice Department (DoJ).

He also admitted that his actions cost Trenchant/L3Harris $35m and had a “significant impact” on customers including the US and allied governments.

Sanctions in Place

The case shines a light on the murky world of commercial spyware; something Western governments are increasingly concerned about.

To tackle the trade, a joint agreement, dubbed the “Pall Mall Process,” was signed in 2024 by 25 countries led by the UK, US and France, as well as tech giants including Google, Microsoft, Apple, Meta and others.

The State Department announced on February 24 that it was issuing sanctions on the broker Williams sold his zero-days to under the Protecting American Intellectual Property Act (PAIPA).

They apply to Matrix LLC (aka Operation Zero), its sole owner, Sergey Sergeyevich Zelenyuk, and four “associated individuals and entities.”

“All property and interests in property of those designated that are in the United States or that are in possession or control of a US person are blocked,” the State Department said. “US persons are generally prohibited from conducting business with sanctioned persons, and persons that engage in certain transactions or activities with those designated may expose themselves to sanctions risk.”

Zelenyuk has apparently founded a new UAE-based company under the name Special Technology Services with the intention of evading US sanctions.