An Australian man has pleaded guilty in connection with a scheme to steal powerful hacking tools from an American defence contractor and sell them to a buyer in Russia, the US Justice Department said.
The tools were “meant to be sold exclusively to the US government and select allies,” but 39-year-old Peter Williams sold them to a Russian software exploit broker that touted its ties to Moscow and other foreign governments, the Justice Department alleged.
Prosecutors say the theft caused $US35 million ($53 million) in losses for the company, which is not identified in court documents.
But British business records list Williams as the former general manager of Trenchant, an intelligence firm owned by US defence contractor L3Harris Technologies.
L3Harris’ website describes Trenchant as a “trusted, discreet partner furnishing security products, consultancy, training and integration services to allied governments, defence, security and law enforcement agencies”.
A lawyer for Williams declined to comment today, as did a spokesperson for L3Harris.
The case shines a light on the private market for software exploits that bypass tech firms’ security controls and can fetch millions of dollars from government and non-government buyers alike.
US Attorney Jeanine Pirro called online brokers that sell hacking tools “the next wave of international arms dealers”.
In Williams’ case, the theft and sale of the tools “allowed non-allied foreign cyber actors to obtain sophisticated cyber exploits that were likely used against numerous unsuspecting victims,” Pirro said in a statement.
The Justice Department did not identify any alleged victims.
Williams allegedly used the proceeds from the sale of software exploits to buy luxury watches and other items, according to prosecutors. He was promised “millions of dollars” in cryptocurrency payments, the Justice Department said.
US national security officials have long been concerned that hacking techniques that American or Western intelligence officers hone in government work will be commercialised and used against Americans.
The Justice Department in 2021 charged three former US intelligence or military operatives who allegedly helped build a hacking program for the United Arab Emirates government.
“America’s national security is NOT FOR SALE, especially in an evolving threat landscape where cybercrime poses a serious danger to our citizens,” Attorney-General Pamela Bondi said in a statement today.
