Ex-L3Harris Executive Pleads Guilty to Selling Zero-Day Exploits to Russia

Former L3Harris General Manager Pleads Guilty to Selling Surveillance Tech to Russia

Peter Williams, previously the general manager at defense contractor L3Harris, has admitted to guilt regarding the sale of surveillance technology to a Russian broker specializing in “cyber tools,” as confirmed by the U.S. Department of Justice on Wednesday.

Details of the Stolen Technology

The compromised material, obtained over a three-year period from his employer, consisted of national-security-focused software. This included a minimum of eight sensitive and protected cyber-exploit components.

These components were intended for exclusive use by the U.S. government and its designated allies.

Investigation and Williams’ Access

Prior reporting by TechCrunch revealed that the company, Trenchant, was investigating a breach involving its hacking tools. Prosecutors assert that Williams leveraged his authorized access to the company’s secure network to illicitly obtain the cyber exploit components.

Trenchant’s Role and Origins

Williams led Trenchant, the L3Harris division responsible for developing spyware, exploits, and zero-day vulnerabilities – previously unknown security flaws in software.

Trenchant provides its surveillance technology to governmental clients in the Five Eyes intelligence alliance: Australia, Canada, New Zealand, the United States, and the United Kingdom.

The company’s foundation stems from L3Harris’ 2019 acquisition of two Australian startups, Azimuth and Linchpin Labs, both of which specialized in the development and sale of zero-days to the Five Eyes nations.

Financial Arrangement with the Broker

The DOJ stated that Williams, a 39-year-old Australian citizen residing in Washington, D.C., sold the exploits to the unidentified Russian broker in exchange for millions of dollars in cryptocurrency.

Allegedly, Williams signed agreements with the broker outlining an initial payment for the exploits, alongside recurring payments for ongoing support.

Broker’s Identity and Connections

While prosecutors have not disclosed the Russian broker’s name, they indicate the broker publicly presents itself as a reseller of exploits to a diverse clientele, including the Russian government.

Legal Consequences and Impact

U.S. Attorney Jeanine Pirro characterized the broker as representing “the next wave of international arms dealers.” Williams’ actions are estimated to have caused over $35 million in losses to Trenchant.

“Williams acted in a manner that was both deliberate and deceptive, betraying both the United States and his employer,” stated U.S. Assistant Attorney General for National Security John A. Eisenberg. “He jeopardized our national security for personal financial benefit.”

Company and Legal Representation Response

Sara Banda, a spokesperson for L3Harris, declined to provide a comment when contacted by TechCrunch on Wednesday.

John Rowley, representing Williams, also declined to comment.

Initial Accusations and Financial Gain

On October 14th, the U.S. government accused Williams, known within the industry as “Doogie,” of selling trade secrets to a Russian buyer, without initially specifying the nature of the secrets or the company from which they were stolen.

Court documents reveal Williams earned $1.3 million from the sale of the exploits.

Sentencing and Current Status

Williams has pleaded guilty to two counts of trade secret theft, each carrying a potential prison sentence of up to 10 years.

His sentencing is scheduled for January 2026, according to prosecutors.

Currently, Williams is under house arrest in the Washington, D.C. area, as reported by Patrick Gray, host of Risky Business.

Prior Employment

Gray noted that Williams previously worked for the Australian Signals Directorate (ASD), Australia’s primary signals intelligence agency.

A spokesperson for the ASD declined to comment on Williams, citing the ongoing law enforcement investigation.

Internal Investigation at Trenchant

TechCrunch previously reported that Williams terminated a Trenchant developer earlier this year who was suspected of stealing Chrome zero-days.

The developer maintained his innocence, stating he lacked access to those specific tools and primarily worked on iOS zero-days, a claim supported by former colleagues.

“I was made a scapegoat. I did nothing wrong,” the developer told TechCrunch. “I simply dedicated myself to my work.”

This article has been updated to include a statement from Williams’ attorney, John Rowley.