The U.S. Treasury Department has sanctioned a Russian cyber broker accused of selling and buying U.S. government hacking tools. This marks the first use of the Protecting American Intellectual Property Act, designed to penalize the theft and sale of sensitive American technology. The sanctions target Sergey Sergeyevich Zelenyuk and his St. Petersburg-based company, Matrix LLC, also known as Operation Zero.
Authorities allege Operation Zero acquired at least eight classified cyber tools developed for the U.S. government. These tools were reportedly stolen by Peter William, an Australian national and former U.S. defense contractor employee. Prosecutors state William sold the stolen tools to Operation Zero for $1.3 million in cryptocurrency. William has since pleaded guilty to trade secret theft.
The stolen tools include dangerous zero-day exploits, which target unknown software vulnerabilities before they can be patched. The Treasury also sanctioned Oleg Vyacheslavovich Kucherov, allegedly linked to the Trickbot cybercrime group, and Marina Evgenyevna Vasanovich, identified as Zelenyuk’s assistant.
Operation Zero is also reported to have worked on spyware and AI tools capable of data extraction. The sanctions freeze any U.S.-based assets connected to the sanctioned individuals and prohibit American engagement in business dealings with them. This action underscores increasing concerns over the theft of U.S. cyber defense capabilities.