CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

US Sanctions Russian Exploit Broker Operation Zero

The broker acquired eight zero-day exploits from a US defense contractor executive jailed for his actions. The post US Sanctions Russian Exploit Broker Operation Zero appeared first on SecurityWeek.

Sanctions

The US government this week announced sanctions against seven individuals and entities for the acquisition and distribution of cyber exploits harmful to national security.

The Department of State designated Sergey Sergeyevich Zelenyuk as the owner of Russian exploit broker Operation Zero (Matrix LLC) and Special Technology Services LLC FZ (STS).

Between 2022 and 2025, the State Department says, Operation Zero acquired eight zero-day exploits stolen by Peter Williams from his employer, likely Trenchant, a division of L3Harris. Williams, an Australian national, was sentenced to 87 months in prison in the US.

According to State, the exploits were meant to be sold exclusively to the US government and allied government entities. Operation Zero paid $1.3 million in cryptocurrency for the cyber tools.

Zelenyuk, the department says, is the director and sole owner of Operation Zero. He also established STS in the UAE to circumvent US sanctions on Russian bank accounts and to conduct business with entities in Asia and the Middle East.

Concurrently, the Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against Zelenyuk, his companies, and four individuals and organizations associated with them.

Operation Zero, OFAC says, has offered millions of dollars for zero-day exploits and sold them to customers in non-NATO countries, which have used them in ransomware attacks and other malicious activities.

The office also says that, through Operation Zero, Zelenyuk sought to sell exploits to foreign intelligence agencies, to develop cyber intelligence systems such as spyware, and to recruit hackers to support its activities.

Additionally, OFAC announced sanctions against Marina Evgenyevna Vasanovich, Zelenyuk’s assistant, Oleg Vyacheslavovich Kucherov, a suspected member of the Trickbot hacking group, and Azizjon Makhmudovich Mamashoyev, who previously worked with Operation Zero.

OFAC also sanctioned Advance Security Solutions, an exploit broker and offensive cybersecurity company established by Mamashoyev, which operates in the UAE and Uzbekistan.

Related: Google Disrupts Chinese Hackers Targeting Telecoms, Governments

Related: Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs

Related: China Revives Tianfu Cup Hacking Contest Under Increased Secrecy

Related: UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign Actors’ in Information Warfare

Latest News

CYBERNEWSMEDIAPublisher