An Australian national formerly working for U.S. defense contractor L3Harris has received a prison sentence exceeding seven years for selling zero-day exploits to a Russian broker. Peter Williams, 39, was convicted for illegally distributing eight zero-day exploits to Operation Zero, a known Russian entity, reportedly earning millions in cryptocurrency.
Details of the Conviction
Williams admitted guilt to two counts of trade secret theft in October 2025. His sentence includes over seven years in prison, three years of supervised release, and the forfeiture of illicit assets acquired through the illicit sales, including properties and luxury items. These actions were uncovered by journalist Kim Zetter, who linked the trades to Operation Zero late last year.
The specific nature of the exploits remains undisclosed, but information from a recent sentencing memorandum indicates they could be used in various cybercrimes, from espionage to cyber fraud. Assistant Attorney General John A. Eisenberg emphasized the betrayal of trust, as these exploits were intended to bolster U.S. national defense.
Operation Zero’s Role
U.S. Attorney Jeanine Pirro revealed that Williams’ sales potentially earned him up to $4 million in cryptocurrency, and the exploits could facilitate unauthorized access to countless digital devices. The breaches took place over three years, from 2022 to 2025, causing an estimated $35 million loss for L3Harris.
The U.S. State Department, under the Protecting American Intellectual Property Act, has sanctioned Operation Zero and its affiliated entities and individuals. These include Sergey Sergeyevich Zelenyuk, who founded Operation Zero and STS, to circumvent U.S. sanctions and engage in global business.
Responses from Authorities
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has also imposed sanctions on Zelenyuk, Operation Zero, and others involved in distributing harmful cyber tools. Operation Zero reportedly offered substantial bounties for various exploits, with a history of recruiting hackers and establishing ties with foreign intelligence agencies.
Zelenyuk purportedly assured that the sold exploits would only reach non-NATO customers. The Treasury Department linked these activities to efforts to develop cyber intelligence tools, such as spyware and AI data extraction methods.
Additional sanctioned individuals and firms include Marina Evgenyevna Vasanovich, Azizjon Makhmudovich Mamashoyev, and Oleg Vyacheslavovich Kucherov, among others. The FBI’s Roman Rozhavsky warned against prioritizing personal gain over national security, affirming that breaches of trust will be met with justice.
As the case concludes, the implications for national security and international relations remain significant, emphasizing the importance of safeguarding sensitive information within the cybersecurity domain.
