Peter Williams, an Australian national and a former general manager at U.S. defense contractor L3Harris Trenchant, has pleaded guilty in U.S. District Court to stealing and selling confidential cybersecurity information to a Russian vulnerability exploit broker.
The illegal activity took place between 2022 and 2025, when Williams stole at least eight protected exploit components from Trenchant intended for the exclusive use of the U.S. government and select allies, and sold them to a broker that, among other clients, works with the Russian government.
“The material, stolen over a three-year period from the U.S. defense contractor where he worked, was comprised of national-security focused software that included at least eight sensitive and protected cyber-exploit components,” reads the U.S. Department of Justice announcement.
“Those components were meant to be sold exclusively to the U.S. government and select allies. Williams sold the trade secrets to a Russian cyber-tools broker that publicly advertises itself as a reseller of cyber exploits to various customers, including the Russian government.”
Trenchant is a cyber-capabilities business unit within L3Harris Technologies that conducts vulnerability and exploit research and develops offensive/defensive tools used by governments, intelligence, and defense agencies within the “Five Eyes” alliance.
The DOJ says Williams abused his position and high-level access at Trenchant Systems to steal $35 million in cyber trade secrets. He sold them to the unnamed broker for $1,300,000 in cryptocurrency.
“By doing so, he gave Russian cyber actors an advantage in their massive campaign to victimize U.S. citizens and businesses,” commented the FBI’s Assistant Director at Counterintelligence Division, Roman Rozhavsky.
Williams even signed contracts with the Russian broker for both the initial sale of the tools and the fees for ongoing support of their use.
Although the U.S. DoJ stops short of naming the broker, previous media reporting suggests it’s Operation Zero, a Russian-based zero-day purchase platform that offers massive payouts for zero-click RCEs on widely used mobile tools and OSes.
BleepingComputer contacted Operation Zero for a statement on these unconfirmed reports, but we are still waiting for their response.
Following his guilty plea, Williams now faces charges carrying a maximum of 10 years’ imprisonment and fines of $250,000 or twice the gain or loss pertinent to the offense.
Last week, TechCrunch reported that Trenchant was conducting its own investigation into the potential leak of Google Chrome zero-day vulnerabilities to outsiders, with another employee, Jay Gibson, who specialized in iOS zero-days, at the epicenter of the accusations.
There have been numerous zero-day exploits targeting Chrome in recent years, with six distinct cases in 2025 so far, ten zero-days throughout 2024, another eight in 2023, and nine in 2022.
Whether or not these cases leveraged exploits Williams sold to the Russian broker remains unknown.
46% of environments had passwords cracked, nearly doubling from 25% last year.
Get the Picus Blue Report 2025 now for a comprehensive look at more findings on prevention, detection, and data exfiltration trends.
Source link
-
-
-
-
-
