US Treasury targets Russian network buying stolen cyber tools with crypto


The Americans strike hard. The Treasury Department has just sanctioned a Russian brokerage network accused of using cryptocurrencies to purchase stolen US government cyber tools.

On Tuesday, the Treasury’s Office of Foreign Assets Control designated Russian Sergey Sergeyevich Zelenyuk, his company Operation Zero, and several associates and affiliated companies. The action blocks any property or interests of the designated parties under US jurisdiction and prohibits US persons from dealing with them. The Treasury states that Zelenyuk, operating out of Saint Petersburg, built a business acquiring and selling “exploits” — tools that exploit software vulnerabilities to illegally access systems or extract data. Among the tools acquired by Operation Zero, at least eight were proprietary cyber tools developed by a US defense contractor for exclusive use by the US government and its allies.

Unlucky for them.

Peter Williams, an Australian and former employee of the contractor, stole the tools. According to the Department of Justice, Williams stole the trade secrets between 2022 and 2025, then sold them to Operation Zero in exchange for millions of dollars in cryptocurrency. He pleaded guilty in October 2025 to two counts of trade secret theft, following an investigation by the Department of Justice and the FBI. Williams probably didn’t expect it to go this far when he started.

Scott Bessent, the Treasury Secretary, wants to send a clear message. Bessent: “If you steal American trade secrets, we will hold you accountable.” The sanctions were issued under Executive Order 13694, amended to target malicious cyber activities threatening US national security, foreign policy, or economic stability.

And that’s not all.

In parallel, the State Department imposed sanctions under the Protecting American Intellectual Property Act, which provides penalties against foreign actors involved in significant theft of US trade secrets. Zelenyuk and Operation Zero are the first sanctioned under this statute. The Treasury also designated several associates of the network, including Marina Evgenyevna Vasanovich, described as Zelenyuk’s assistant, and Special Technology Services LLC FZ, a UAE-based tech company controlled by Zelenyuk. Two other individuals, Azizjon Makhmudovich Mamashoyev and Oleg Vyacheslavovich Kucherov, were sanctioned for material support. The Treasury identified Kucherov as a suspected member of the Trickbot cybercriminal group, linked to ransomware attacks against US government agencies and healthcare providers.

Operation Zero offered cryptocurrency bounties for exploits targeting widely used US operating systems and encrypted messaging platforms. The company did not disclose the discovered vulnerabilities to the concerned companies and sought to sell them to clients in non-NATO countries.

Although the Treasury stated that cryptocurrencies facilitated transactions for the stolen tools, it did not release specific crypto wallet addresses or impose specific blockchain designations. The Department of Justice revealed that the investigation into Zelenyuk’s network began after an information leak in 2024, highlighting suspicious cryptocurrency transactions. Undercover agents discovered that Operation Zero used encrypted messaging platforms to negotiate with potential buyers. Andrea Gacki, director of the Office of Foreign Assets Control: “Every illicit transaction identified strengthens the US’s resolve to protect its digital resources.”

But it goes further than that.

US authorities are collaborating with Interpol to locate other network members who may be operating from jurisdictions without extradition treaties with the US. The Department of Homeland Security announced it will intensify checks on tech imports from Russia. The goal is to prevent compromised technologies from entering the US that could harm critical infrastructure. The Treasury Department specified that the sanctions also include the seizure of bank accounts associated with Operation Zero in several European countries. These accounts were identified through collaboration with European financial authorities.

In January 2026, a raid by Russian law enforcement in Saint Petersburg seized several of Zelenyuk’s servers, containing thousands of lines of exploit code. The operation was conducted in coordination with US intelligence services, highlighting the importance of international cooperation in this case. The Justice Department also announced the arrest of two other individuals linked to Operation Zero during a joint operation on February 15, 2026. The names have not been disclosed, but they are reportedly involved in the logistics and management of cryptocurrency transactions for the network.

The Treasury says more sanctions could follow. Ongoing investigations may reveal more accomplices or clients who benefited from the exploits sold by Operation Zero.

The case is part of a broader escalation of cyber tensions between Washington and Moscow. Since 2021, the US has sanctioned over 300 Russian entities for malicious cyber activities, according to the National Security Council. Cybersecurity experts estimate that the black market for exploits generates between 2 and 5 billion dollars annually.

The US defense industry is already tightening its security protocols. Lockheed Martin and Raytheon have announced additional combined investments of 500 million dollars to strengthen their internal systems following this case. Federal contractors will now have to subject their employees to enhanced security checks every six months.
