Former L3Harris Trenchant GM Faces 9-Year Sentence for Selling Zero-Day Exploits to Russian Broker

The U.S. Department of Justice has disclosed that the former general manager of Trenchant, a surveillance technology division of defense contractor L3Harris, illegally sold eight zero-day exploits to a Russian broker capable of compromising millions of devices worldwide.

Australian national Peter Williams, 39, pleaded guilty in October to stealing and selling proprietary hacking tools from his employer. Between 2022 and 2025, Williams generated over $1.3 million in cryptocurrency from these illicit sales, according to the DOJ.

In a court filing published Tuesday, federal prosecutors revealed that Williams' actions "directly harmed" U.S. intelligence operations by transferring sophisticated exploitation frameworks to a Russian entity that serves the Russian government as a client.

Scope of the Security Breach

The stolen exploits—software designed to leverage vulnerabilities in target systems for unauthorized access—could enable:

Prosecutors emphasized that these tools were sold to what they described as "one of the world's most nefarious exploit brokers," widely believed to be Operation Zero, a Russian firm that openly advertises purchasing zero-day exploits for up to $20 million and exclusively serves Russian governmental and domestic organizations.

Sentencing Recommendations

Ahead of Williams' February 24 sentencing hearing in Washington, D.C. federal court, the DOJ has requested:

Internal Investigation and Scapegoating

The case took a troubling turn when it was revealed that Williams actively supervised Trenchant's internal investigation into the theft while simultaneously continuing to sell stolen exploits. During this period, he oversaw the termination of a subordinate employee who was falsely accused of the leak.

The wrongfully terminated employee later received an Apple notification indicating his iPhone had been targeted with government spyware—an incident that remains unexplained.

Prosecutors noted: "[Williams] stood idly by while another employee of the company was essentially blamed for the Defendant's own conduct. He looked on while an internal corporate investigation falsely cast blame on his subordinate."

FBI Investigation Timeline

Federal agents maintained contact with Williams from late 2024 through his arrest in mid-2025. Despite knowing he was under FBI scrutiny, Williams continued his illicit sales operations until August 6, when agents executed search warrants at his residence.

The search yielded evidence including cryptocurrency payment receipts, aliases used to communicate with the Russian broker, and contractual agreements with the purchasing entity.

Defense Response

In a letter submitted to the court, Williams expressed remorse, stating: "I made choices that directly violated the values I believed in and the trust placed in me by my family, colleagues, and friends. I recognize now that I allowed myself to ignore my obligations and my training."

His attorney, John P. Rowley, argued that none of the stolen tools were classified and claimed Williams did not know they would reach Russian government entities, "although he now recognizes that was a consequence of his actions."

Prosecutors countered that Williams selected the Russian broker specifically because "by his own admission, he knew they paid the most," driven by "desire for more money, a better lifestyle, bigger home and more jewels and trinkets."

The DOJ and Williams' legal team declined to provide additional comments on the case.