National Security Betrayal: Defense Contractor Sold 8 Zero-Days to Russian Broker for Crypto
Former L3Harris defense contractor employee Peter Williams has pleaded guilty in a U.S. federal court to two counts of theft of trade secrets, admitting that he sold eight zero-day vulnerabilities to a Russian intermediary for millions of dollars in cryptocurrency.
According to court filings, the 39-year-old Williams spent three years working at Trenchant, an L3Harris subsidiary, during which he illicitly copied proprietary software components developed exclusively for the U.S. government and its allies. These tools—crafted for conducting cyber operations—were later resold to a broker who publicly portrayed himself as a supplier of exploits for various clients.
Investigators revealed that the transactions occurred over encrypted communication channels between 2022 and 2024. Williams entered contracts with the intermediary, identified in court documents as “Company No. 3,” and received payments in cryptocurrency, portions of which he later spent on luxury goods. Prosecutors specified during the hearings that “Company No. 3” referred to Operation Zero, a platform branding itself as “the world’s only official marketplace for the purchase of zero-day vulnerabilities.”
Prosecutors cited social media posts by Operation Zero offering millions of dollars for iOS and Android exploits, noting that the end client was explicitly described as “a non-NATO country.” According to the prosecution, this phrasing matched the wording of a public advertisement posted in 2023.
Authorities disclosed that Williams had previously served at the Australian Signals Directorate before joining Trenchant, where he gained access to advanced cyber tools developed for national security operations. It was during this period that he stole source code and internal development materials.
The U.S. Department of Justice estimated the damages to the defense contractor at $35 million, warning that the transfer of such sophisticated tools could provide foreign actors with the means to conduct cyberattacks against “numerous unsuspecting victims.” Each charge carries a maximum sentence of 10 years in prison and a fine of up to $250,000, or twice the amount of illicit gains. Under federal sentencing guidelines, Judge Lauren Alihan is expected to impose a prison term ranging from 7 years and 3 months to 9 years, along with a fine of up to $300,000 and $1.3 million in restitution. Williams remains under house arrest until sentencing, scheduled for January.
The Justice Department described Williams’s actions as a “betrayal of both the United States and his employer,” emphasizing the deliberate and calculated nature of his crimes. Prosecutors further warned that international exploit traders are becoming the new breed of arms dealers, and affirmed that investigations targeting both insiders and intermediaries in such operations remain a top priority for U.S. intelligence and law enforcement agencies.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
