Peter Williams, a former general manager at defense firm L3Harris, pleaded guilty to selling surveillance technology to a Russian broker buying “cyber tools,” the US Department of Justice confirmed Wednesday.
“The material, stolen over a three-year period from the US defense contractor where he worked, consisted of national security-focused software that included at least eight sensitive and protected cyber exploits,” it reads. the DOJ press release on Wednesday. “These components were intended to be sold exclusively to the US government and select allies.”
TechCrunch previously exclusively reported, citing four former Trenchant employees, that the company was investigating a leak of its hacking tools. Prosecutors now say Williams took advantage of his access to the company’s “secure network” to steal the cyber exploits.
Williams headed Trenchant, the division at L3Harris that develops spyware, exploits and zero-days — security vulnerabilities in software that are unknown to the manufacturer. Trenchant sells its surveillance technology to government customers in Australia, Canada, New Zealand, the United States and the United Kingdom, the so-called Five Eyes intelligence alliance. Trenchant was founded after L3Harris in 2019 acquired two Australian sister startupsAzimuth and Linchpin Labs, which developed and sold zero-days to the Five Eyes alliance of countries.
The DOJ said Williams, a 39-year-old Australian citizen residing in Washington, DC, sold holdings to the unnamed Russian broker, who promised Williams millions of dollars in cryptocurrency in return. Trenchant’s former general manager reportedly signed contracts with the broker that stipulated an initial payment for exploits and periodic payments “for ongoing” support.
Prosecutors did not name the Russian broker to whom Williams was sold, but said the broker is publicly billed as a reseller of holdings to multiple clients, including the Russian government.
Contact us
Do you have more information about this case and the alleged leak of Trenchant hacking tools? From a non-working device, Lorenzo Franceschi-Bicchierai can be reached securely on Signal at +1 917 257 1382 or via Telegram, Keybase and Wire @lorenzofb or via email.
U.S. Attorney Jeanine Pirro said Wednesday that the broker Williams sold to is being exploited as part of “the next wave of international arms dealers.” Pirro said Williams’ crimes caused more than $35 million in damages to Trenchant.
“Williams betrayed the United States and his employer by first stealing and then selling intelligence-related software,” said Assistant US Attorney General for Homeland Security John A. Eisenberg. “His conduct was willful and fraudulent, endangering our national security for personal gain.”
L3Harris spokeswoman Sara Banda declined to comment when contacted by TechCrunch on Wednesday.
John Rowley, one of Williams’ attorneys, declined to comment.
On Oct. 14, the US government charged Williams, who is known in the industry as “Doogie,” with selling trade secrets to a buyer in Russia, without specifying what those trade secrets were or which company he stole them from. According to a document filed in mid-October, Williams received $1.3 million for the sale of the holdings.
Williams pleaded guilty to two counts of theft of trade secrets, each of which carries a sentence of 10 years in prison. He will be sentenced in January 2026, prosecutors said.
According to Risky Business presenter and journalist Patrick GrayWilliams is currently under house arrest in the Washington, DC area where he lives. Gray said Williams worked for the Australian Signals Directorate (ASD), the country’s top signals intelligence and interception agency.
When TechCrunch previously reached out, an ASD spokesperson would not comment on Williams, citing a law enforcement matter.
Last week, TechCrunch reported that Williams had fired a Trenchant developer earlier this year who was suspected of stealing Chrome zero-days. The former Trenchant employee told TechCrunch that he never had access to these tools as he was working on iOS zero-days development. Other former colleagues supported his account.
“I know I was scapegoated. I wasn’t guilty. It’s very simple,” the developer of the exploit told TechCrunch. “I did absolutely nothing but kick their ass.”
This story has been updated with a response from Williams’ attorney, John Rowley.
