Ex-L3Harris exec jailed 7 years for selling exploits to Russia

Steven

Ex-L3Harris exec jailed 7 years for selling exploits to Russia

Summary

Peter Williams, 39, the former general manager of Trenchant (L3Harris’s cyber arm), pleaded guilty to stealing eight cyber exploits and selling them to a Russian broker between 2022 and 2025. He sold the tools via encrypted channels for cryptocurrency, spent proceeds on luxury purchases, and admitted his actions caused roughly $35 million in losses to the United States and allied intelligence communities. Williams was sentenced to 87 months in prison and ordered to forfeit $1.3m in cash, crypto, properties and luxury goods; a restitution hearing is scheduled for 12 May 2026.

On the same day, the US Treasury sanctioned Russian broker Sergey Zelenyuk, his company Operation Zero, and several associated individuals and entities for acquiring and re-selling US cyber tools. The sanctions are the first applied under the Protecting American Intellectual Property Act (PAIPA). Operation Zero reportedly focused on exploits for popular US software and encrypted messaging platforms and sold only to non‑NATO customers.

Key Points

  • Peter Williams, ex‑Trenchant manager at L3Harris, pleaded guilty to selling eight exploits to a Russian broker.
  • He received up to $4m in cryptocurrency and used proceeds for luxury purchases; authorities ordered forfeiture of $1.3m plus assets.
  • Williams was sentenced to 87 months in prison; a restitution hearing is set for 12 May 2026.
  • The incident is estimated to have caused about $35m in damage and harmed US and Australian intelligence capabilities.
  • The US Treasury sanctioned Sergey Zelenyuk, Operation Zero and related entities — the first PAIPA sanctions.
  • Operation Zero bought and traded exploits targeting mainstream US software and encrypted messaging apps and marketed to non‑NATO actors.

Context and relevance

This case highlights the insider threat risk within defence contractors and the commercial exploit markets that enable nation‑state operations. The use of cryptocurrency and encrypted communications to monetise sensitive cyber capabilities is a persistent pattern, and the Treasury’s use of PAIPA shows authorities are expanding economic tools to disrupt buyers and brokers.

Why should I read this?

Because it’s not just a courtroom story — it’s proof that senior staff can monetise the very tools that break our systems. If you work in cyber, procurement or risk, this quick read shows how exploits move from trusted labs into hostile hands and what regulators are now doing about it.

Author style

Punchy: a senior manager betrayed trust, profited millions and materially damaged national security. The authorities have started using new sanctions to hit the buyers — read the detail if you care about defence supply‑chain risk or how exploit economies operate.

Source

Source: https://go.theregister.com/feed/www.theregister.com/2026/02/25/former_l3harris_exec_jailed/