DOJ says Trenchant boss sold exploit software to Russian broker with access to ‘millions of computers and devices’

US prosecutors have confirmed for the first time that the former head of a US company that makes hacking and surveillance tools stole and sold technology that could hack into millions of computers and people around the world.

In October, Australian national Peter Williams, 39, pleaded guilty to selling eight hacking tools he stole from his employer Trenchant, a division of US defense contractor L3Harris, which sells its tools to enable surveillance to the US government and its closest allies. Williams admitted to making more than $1.3 million in cryptocurrency sales between 2022 and 2025, according to the Department of Justice.

In a court document released Tuesday, federal prosecutors said Williams’ actions “directly harmed” the U.S. intelligence community by selling hacking tools to a Russian company, which counts the Russian government among its clients.

While Williams was known to have sold Trenchant exploits — software that typically exploits flaws in other software to gain access to someone’s computer or device — prosecutors now say these eight tools could have been used to enable government surveillance, cybercrime and ransomware attacks indiscriminately around the world.

This latest revelation comes ahead of Williams’ expected sentencing on February 24 in federal court in Washington, D.C. In the sentencing memorandum, which prosecutors are using to persuade the court to issue the maximum sentence, the Justice Department said the vulnerabilities sold by Williams would have allowed the Russian intermediary and its clients “potentially access millions of computers and devices around the world, including in the United States.”

Prosecutors asked the judge to sentence Williams to nine years in prison, with three years of supervised release, mandatory restitution of $35 million, and a maximum fine of $250,000. The memorandum stated that Williams is expected to be deported to Australia after serving his sentence.

In response to the prosecution’s memorandum, Williams submitted a letter to the judge explaining his decisions, saying he regretted his actions.

“I made choices that directly violated the values ​​I believe in and the trust my family, colleagues and friends have placed in me,” Williams wrote. “I now realize that I allowed myself to ignore my commitments and training, and failed to ask for help or guidance when I knew I was headed in the wrong direction.”

Williams’ attorney, John P. Rowley, wrote in response to prosecutors that none of the stolen hacking tools were classified, and there is no evidence that Williams knew the tools would end up in the hands of the governments of Russia or another country. His lawyer said Williams did not intend to harm the United States or his native Australia, “although he now realizes that was a result of his actions.”

When contacted by TechCrunch, Justice Department spokesman Pearson Furnish declined to comment. Williams’ attorney, Rowley, did not respond to a request for comment.

From scapegoat to governance

During mid-2025, several sources familiar with the offensive cybersecurity industry told TechCrunch that someone working for Trenchant stole sensitive hacking tools and sold them to a US adversary.

A former Trenchant employee came forward and told TechCrunch that he was wrongly fired after the company accused him of stealing and leaking details of some of the company’s exploits.

But by October, prosecutors formally charged Williams, who was also Trenchant’s general manager at the time, of being behind the theft of the company’s hacking tools. The US government accused Williams of selling the exploits to a Russian broker in exchange for cryptocurrencies.

Prosecutors said FBI agents were in contact with Williams from late 2024 until the time of his arrest in mid-2025, during which he was overseeing Trenchant’s internal investigation into the theft of company secrets.

Despite the ongoing investigation, Williams continued to sell the company’s secrets and vulnerabilities — technically known as “zero days” since the affected software maker didn’t have time to patch them — even when he knew the FBI was investigating the theft and sale of Trenchant’s hacking tools.

Williams also supervised the firing of the Trenchant employee accused of leaking the tools. Sources told TechCrunch and prosecutors have since confirmed it. The fired employee told TechCrunch that he believed he was being made a scapegoat for someone else at the company. Weeks after being fired, the employee received notification from Apple that he had been targeted by government spyware, which has yet to be explained.

“[Williams] “He stood idly by while another employee of the company was essentially blamed for the defendant’s conduct,” prosecutors wrote in their sentencing memorandum. “He watched as an internal company investigation falsely blamed his subordinate.”

A spokesman for Trenchant did not respond to a request for comment on Williams or his investigation.

On August 6, FBI agents obtained and executed search warrants for Williams’ home, then confronted Williams with evidence that showed receipts for cryptocurrency payments, the alias he used to interact with the Russian broker who purchased the stolen trade secrets, and his contract with the broker.

The Russian middleman is likely to be Operation Zero, which is offering up to $20 million for Android and iPhone hacking tools. The company explicitly says it only sells to the Russian government and local organizations.

Operation Zero did not respond to a request for comment.

Prosecutors described the broker, who was not named, as “one of the most egregious exploitative brokers in the world” and said Williams chose him because “by his own admission, he knew they were paying more.”

“Williams’ desire for more money, a better lifestyle, a bigger home and more jewelry and trinkets simply could not be satisfied, and he chose to risk everything to betray his company, his colleagues, the United States and its allies to satisfy that desire,” prosecutors wrote.