A former executive at an American company is selling secret hacking tools to Russia in exchange for cryptocurrency.

 

Cybersecurity

A former executive at an American company is selling secret hacking tools to Russia in exchange for cryptocurrency.

Peter Williams, the former general manager of Trenchant, a subsidiary of the American defense group L3Harris, admitted to stealing sophisticated spying and hacking tools and selling them to a Russian intermediary for more than $1.3 million in cryptocurrency.

Williams, 39, an Australian citizen, exploited his position within the company to access a protected network containing rare digital vulnerabilities known as "zero-day" vulnerabilities, according to court documents and testimony from his former colleagues.
Zero-day vulnerabilities are unknown to software developers and are sold for millions of dollars for use in espionage and hacking operations, according to a report published by TechCrunch and reviewed by Al Arabiya Business.

From trusted expert to "digital traitor"

Williams worked at Trenchant for years and had "top user" privileges, which gave him full access to the company's confidential tools and multi-authentication-protected security systems.
According to the documents, he copied these tools to an external hard drive and transferred them to his personal devices, before sending them via encrypted channels to the Russian intermediary.
A former employee of the company said that Williams was considered one of the most trusted people within senior management and was not subject to any direct oversight, adding that he exploited this trust to push his operations out of the public eye.

Misleading internal investigation

In 2024, Williams himself took charge of investigating the leak of one of the company's tools, after it was discovered to be in the possession of an unauthorized software broker.
The investigation he oversaw concluded that the leak was not the result of an external hack, but rather due to unauthorized internet access from an isolated device, apparently in an attempt to deflect suspicion from himself.
Later, Williams fired one of the company's developers after accusing him of double-dealing and leaking hacking tools related to the Chrome browser, but it turned out that the employee did not have any access to those tools.

Apple later informed this employee that his phone had been targeted by mercenary software, reinforcing suspicions that he was a victim of a cover-up for his boss's crimes.
Selling secrets to the enemies of the West
Williams used the pseudonym "John Taylor" to communicate with the Russian intermediary, believed to be Operation Zero, a Russia-based platform that pays up to $20 million for tools to hack Android and iPhone phones and sells them exclusively to Russian government entities.
The deals began in 2022, with Williams selling his first hacking tool for $240,000, followed by seven more tools for a total of $4 million, but he actually received only $1.3 million.

Betrayal threatens Western security

Cybersecurity circles describe this incident as a double betrayal, as it not only stole sensitive defense secrets, but also handed them over to a direct adversary of the West, namely Russia, at a time of escalating tension in the global digital space.
One of Williams' former colleagues said: "He betrayed the trust of Western security agencies and handed over sophisticated offensive tools to an entity that could use them against our own interests."
The case that shook the Western intelligence community highlights the fragility of internal security even in the most secretive institutions, and raises questions about the extent of oversight of those who possess the keys to the technology that protects the national security of countries.