US Hacking Tool Boss Stole and Sold Exploits To Russian Broker That Could Target Millions of Devices, DOJ Says (techcrunch.com) 54
Federal prosecutors have revealed that Peter Williams, the former general manager of U.S. defense contractor L3Harris's hacking tools division Trenchant, sold eight stolen software exploits to a Russian broker whose customers -- including the Russian government -- could have used them to access "millions of computers and devices around the world."
Williams, a 39-year-old Australian national, pleaded guilty in October and admitted to earning more than $1.3 million in cryptocurrency from the sales between 2022 and 2025. In a sentencing memorandum filed Tuesday ahead of his anticipated February 24 sentencing in a Washington, D.C., federal court, the Justice Department asked the judge for nine years in prison, $35 million in restitution, and a maximum fine of $250,000.
Prosecutors described the unnamed Russian buyer -- believed to be Operation Zero, which publicly claims to sell only to the Russian government -- as "one of the world's most nefarious exploit brokers." Williams chose it because, by his own admission, "he knew they paid the most." He also oversaw the wrongful firing of a subordinate who was blamed for the theft.
Williams, a 39-year-old Australian national, pleaded guilty in October and admitted to earning more than $1.3 million in cryptocurrency from the sales between 2022 and 2025. In a sentencing memorandum filed Tuesday ahead of his anticipated February 24 sentencing in a Washington, D.C., federal court, the Justice Department asked the judge for nine years in prison, $35 million in restitution, and a maximum fine of $250,000.
Prosecutors described the unnamed Russian buyer -- believed to be Operation Zero, which publicly claims to sell only to the Russian government -- as "one of the world's most nefarious exploit brokers." Williams chose it because, by his own admission, "he knew they paid the most." He also oversaw the wrongful firing of a subordinate who was blamed for the theft.
What a headline (Score:3, Insightful)
If it requires effort to be parsed and understood, it's not a good headline. Are native English speakers finding it easy to understand? What even is a hacking tool boss?
Re: (Score:3)
Re: (Score:3)
It's not too bad, but it is a little structurally ambiguous. "...Sold Exploits To Russian Broker That Could Target Millions of Devices...." That might mean the Russian broker could target millions of devices, or it might mean that the tool could target millions of devices. And is the broker a Russion person, or does he sell Russian people?
But some headlines are actually hilarious, though. Like these. [upenn.edu] Hard to pick a favorite, but I do like these:
Include Your Children When Baking Cookies
Iraqi Head Seeks Arm
Re: (Score:2)
Re: (Score:2)
Let's not get caught up in the word-salad headline debate and focus on the real issue.
Let me see - did I ask the Slashdot crowd for a list of topics acceptable to discuss? Hmm, nope. Thanks anyway for your unsolicited advice.
Our government, is spending our tax dollars, to find bugs in our software, and not telling us about those bugs that could be exploited and leave us vulnerable. The US government should not be allowed to silently exploit consumer or commercial software....There should be a law requiring disclosure from government entities...
About 90% of the bugs are disclosed; the other 10% remain undisclosed for some period of time while various defense and intelligence agencies use them for "cyber warfare" activities. The larger problem is not bugs that are not disclosed; it's that many of the bugs that ARE disclosed go unaddressed [govtech.com] by the software vendors. Maybe the law you're looking for should be to req
Re: What a headline (Score:5, Informative)
(US Hacking Tool [company]) Boss (Stole and Sold) Exploits To (Russian Broker) That Could Target Millions of Devices. [According to DOJ]
Re: (Score:1)
[According to DOJ]
You should have put that at the start so we'd know the rest was all bullshit.
As if Pam Bondi and Trumps merry band of pedo protectors can be trusted to be honest.
Re: What a headline (Score:2)
Welcome to Slashdot (Score:2)
It is as its "editors" prefer.
Better hope he saved enough... (Score:5, Interesting)
Dude seems like a real shitbag.
Re:Better hope he saved enough... (Score:5, Informative)
Re: (Score:3)
When the president leads the way, others follow....
Yeah, this is currently a top-down problem. When the people see fraud paying off in the way it pays off for our "leaders," it's hard to make the argument that we should all be stand-up good citizens. It's proving out to be a gimme, gimme country, and we're witnessing the ultimate gimme, gimme by the grifter in chief, showing the citizens how to play the game.
Re: (Score:3)
How about all the woman who accused Bill Clinton?
You can have Bill Clinton. We don't give a fuck. He was a rapey piece of shit which many of us have been pointing out, check my posting history. That pales compared to the Trump-Epstein child rape and cannibalism consortium, but still, you can have him too.
Pretending not to understand (Score:1)
Yeah we hate both those pieces of shit too but we gotta deal with the pipe-spanning corn-loaf ruining the entire country at record pace.
Tell you what, you put the entire corrupt republican party in a cell block where they belong and i'll gift wrap the clintons for you.
Re: (Score:2)
Yeah we hate both those pieces of shit too but we gotta deal with the pipe-spanning corn-loaf ruining the entire country at record pace.
Tell you what, you put the entire corrupt republican party in a cell block where they belong and i'll gift wrap the clintons for you.
Do the same for the democrats and we'll have a nation wide street party. Because they are all corrupt.
Re: (Score:1)
sure, take them. They're literal human garbage.
They're not as bad as the republicans though and thats pretty much the only reason we vote for them.
I know you wanna make a nice "both sides" shitpost but I'm not gonna let you equate the two for to confuse our drooling audience.
Re: (Score:2)
sure, take them. They're literal human garbage.
They're not as bad as the republicans though and thats pretty much the only reason we vote for them.
I know you wanna make a nice "both sides" shitpost but I'm not gonna let you equate the two for to confuse our drooling audience.
No I actually don't. I want them all gone, no exceptions, staffers too. A clean house.
Re: (Score:1)
bu bu bu bu democrats.. let's talk about democrats.
BOTH SiDes
*jerk off motion*
Lying little failure (Score:2)
What the fuck are you even talking about regarding Biden?
As far as Clinton goes, I don't know who you think is defending him. Everyone I know says if you can prove he did something, lock the fucker up.
And that's the difference between normal, ethical people and fascist freaks. You defend these awful shitbags out of tribal allegiance - who cares if they rape kids, they're on your side. And you expect others to behav
Re: (Score:1)
Re: Better hope he saved enough... (Score:4, Informative)
He won't get a Trump pardon that cheap unless he was a pedo [npr.org]
Re: (Score:1)
Dude seems like a real shitbag.
See, halfway there already. Trump will love him.
Double standards? (Score:3)
And what Cellebrite does is ok because they are selling to the US?
Or because they didn't steal from the US?
Re: (Score:2)
Oh no Israel loves spying on the usa.
Double standard (Score:2)
Amateur (Score:4, Insightful)
Who takes that sort of risk for only $1.3 million?
Re: (Score:2)
1.3 million that we know about. Crypto. And since he only got 9 years, he'll have an opportunity to spend it.
Re: (Score:2)
Nine years is a long time for law enforcement to find his stash.
How can that be treason? (Score:1)
Re: How can that be treason? (Score:2)
It's treason if you haven't gotten permission from the Don. There are rules and a hierarchy in organizes crime.
access millions of computers and devices (Score:3)
Wait, so it was OK when only the US had backdoor access to millions of computers and devices?
Re: (Score:3)
When morally upright people with some technical competence discover an exploit that can be used as a backdoor, they report it to the vendor so it can be fixed. They don't report it on public media, so the vendor has time to fix it before criminals learn about it, thus protecting everyone who is already using the software. And, in turn, the morally upright and competent software vendor actually prioritizes it for a speedy fix, and does not have the reporter arrested and charged with criminal hacking.
But we
Re: (Score:1)
yes actually kinda.
9 Years? Fuck that. (Score:2, Interesting)
This guy must die.
And... (Score:2)
What about the guy he framed for the theft and took away his livelihood and reputation ...personally?
Did they make sure he would receive compensation?
Re: (Score:1)
Can we all point to this... (Score:5, Insightful)
...the next time any Government spokesperson tells us that back-doors to cryptography are perfectly safe as only law-enforcement will have them?
Re: (Score:2)
Exactly... the governments of the world aren't going to let an encryption scheme go public without a way to peek at the data that goes through ECHELON and similar outfits (SIGINT).
Your secure Facebook messages? Your encrypted WhatsApp? Your secure connection on your banks website? Your VPN connection? Your encrypted iPhone? Some guy in the basement of a CIA blacksite with a straight fiber connection to the backbone sits and reads all your encrypted stuff and does iPhone decrypting for fun.
Re: (Score:2)
Which government's law enforcement agency?
Russia's?
Nine years is not enough, not even close (Score:2, Insightful)
He ruined the life of an innocent person
He betrayed his countrymen for money
He compromised security for everyone
This may get people killed.
Re: Nine years is not enough, not even close (Score:2)
Not a US citizen? (Score:1)
the former general manager of U.S. defense contractor L3Harris's hacking tools division Trenchant ...
Williams, a 39-year-old Australian national,
A lot of US defense contractor jobs require you to be a US citizen.
Maybe not this one.
Or maybe he was a dual national. But if he was, the article probably would have said so.
More leaky hacktools? (Score:2)
Every couple of years we hear about another tranche of spooks security tools leaking out.