An Australian national pleaded guilty in a US court to stealing trade secrets from a US defense contractor and selling them to a Russian broker of cyber exploits, the US Department of Justice announced.
While an employee of the victim company, the individual, Peter Williams, 39, stole at least eight “cyber-exploit components” of software associated with national security, which constituted trade secrets, the DoJ says.
The exploits were stolen between April 2022 and June 2025, and sold to a Russian broker that provides cybersecurity exploits to various customers, including the Russian government, court documents show.
According to facts presented in connection to the guilty plea, Williams entered written contracts with the broker and was promised millions of dollars in cryptocurrency in exchange for the stolen exploits.
He transferred the exploits using “encrypted means” and used the proceeds to acquire high-value items, the DoJ says.
Williams pleaded guilty to two counts of theft of trade secrets, each carrying a maximum sentence of up to 10 years in prison and a fine of up to $250,000.
“Williams placed greed over freedom and democracy by stealing and reselling $35 million of cyber trade secrets from a U.S. cleared defense contractor to a Russian Government supplier,” FBI Counterintelligence Division assistant director Roman Rozhavsky said.
The DoJ charged Williams on October 14 for stealing trade secrets from two companies and selling them to a buyer in Russia.
A ‘criminal information’ document shows that the US is seeking the forfeiture of property – including a house, jewelry, expensive watches, designer clothing – and funds in Williams’ crypto and bank accounts totaling $1.3 million and representing proceeds from his illicit activity.
While the DoJ did not share details on the victim company or the stolen exploit components, TechCrunch reported that Williams was an executive at Trenchant, a division of L3Harris.
Williams was charged around the same time that a former Trenchant developer working on iOS exploits was fired for allegedly leaking Chrome exploits developed by the company.
The developer told TechCrunch he was scapegoated for the leak as part of an internal Trenchant investigation. He claimed he did not have access to Chrome exploits, as he worked on a different project, and that Williams was the one who told him he was being fired.
The Russian broker was not named either, but documents presented in court suggest it could be Operation Zero, a Russian zero-day acquisition firm that sells products to “a non-NATO country”. In September 2023, Operation Zero announced bounties of up to $20 million for Android and iOS exploits.
Related: Four-Year Prison Sentence for PowerSchool Hacker
Related: Former US Soldier Who Hacked AT&T and Verizon Pleads Guilty
Related: Man Admits Hacking Disney and Leaking Data Disguised as Hacktivist
Related: Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes
