US sanctions Russian broker for buying stolen zero-day exploits
Bleeping Computer
by Sergiu GatlanFebruary 25, 2026
AI-Generated Deep Dive Summary
The U.S. Treasury Department has imposed sanctions on Matrix LLC, operating as Operation Zero in St. Petersburg, Russia, along with its owner Sergey Zelenyuk and five associated individuals and companies. The designations were made under the Protecting American Intellectual Property Act (PAIPA), targeting intellectual property theft by foreign adversaries. This marks the first use of PAIPA since its enactment.
The sanctions stem from the case of Peter Williams, a former executive at Trenchant, a cybersecurity unit of U.S. defense contractor L3Harris. Williams pleaded guilty to stealing eight zero-day exploits—highly sophisticated hacking tools designed exclusively for U.S. government and allied intelligence use—and selling them to Operation Zero for $1.3 million in cryptocurrency. These tools were intended solely for authorized governmental use, but their theft and sale compromised national security.
Operation Zero specializes in acquiring and developing zero-day exploits, offering bounties to researchers and others for vulnerabilities in widely used software, including U.S.-built systems. Despite its claims of selling only to Russian entities, the company’s actions raise concerns about the global reach of cyber espionage tools and their potential misuse by adversaries.
The sanctions include freezing assets of designated individuals and companies, such as Zelenyuk’s UAE-based front company, Special Technology Services LLC, and another exploit brokerage firm, Advance Security Solutions. The penalties also expose any American businesses or individuals engaging with these entities to secondary sanctions.
This case underscores the critical need to protect
Verticals
securitytech
Originally published on Bleeping Computer on 2/25/2026