The United States government has launched a crackdown on a global network accused of stealing and selling sensitive cyber tools used for national security. In a move announced on Tuesday, February 24th, the Department of the Treasury placed sanctions on Sergey Sergeyevich Zelenyuk and his Russian firm, Matrix LLC, better known in the industry as Operation Zero.
The Treasury Department’s press release identifies this group as an “exploit broker.” To put it simply, an exploit is a specific method or piece of code that takes advantage of a flaw in a computer program, allowing a user to gain secret access to a device, steal data, or take over a system entirely.
Investigation revealed that Zelenyuk has been running this operation since 2021, offering millions of pounds in rewards to hackers who can find weaknesses in American software and encrypted messaging apps.
The Cost of Betrayal
The case involves the theft of eight proprietary cyber tools. These were not just any programs; they were created for the exclusive use of the US government and its allies. These tools were stolen from an American company by an insider named Peter Williams.
Williams, a 39-year-old Australian national, pleaded guilty on 29 October 2025 to stealing these trade secrets. He was sentenced to 87 months in prison for selling these secrets. The Department of Justice also announced his sentencing on February 24th, revealing that he used his senior position at a US defence contractor to auction off these capabilities to a Russian bidder for personal gain. Along with his prison term, the court ordered him to give up $1.3 million, cryptocurrency, and various luxury items, including a house and expensive watches
It is worth noting that Williams sold the stolen tools to Operation Zero in exchange for millions of dollars paid in cryptocurrencies. The Treasury Department noted that the group then sold these sensitive tools to at least one unauthorised user, and beyond traditional software, the group also sought to develop ways to extract private data from people using artificial intelligence applications.
A Network of Global Associates
The US Treasury’s action also names several individuals and companies tied to the Russian broker. This includes Zelenyuk’s assistant, Marina Evgenyevna Vasanovich, and a UAE-based firm called Special Technology Services (STS).
The investigators also identified Azizjon Makhmudovich Mamashoyev and Oleg Vyacheslavovich Kucherov as key associates. Kucherov is a suspected member of the Trickbot cybercrime gang, which has a history of attacking hospitals and government centres. Whereas Mamashoyev is also linked to a second brokerage firm, Advance Security Solutions, which operates in the UAE and Uzbekistan.
Secretary of the Treasury Scott Bessent was clear about the government’s stance, stating: “If you steal US trade secrets, we will hold you accountable.”
These sanctions are the first ever issued under the Protecting American Intellectual Property Act. As we know it, the goal is to freeze the group’s assets and block them from the global financial system to protect national security.
