U.S. Treasury sanctions Russia's "Zero Day" operation: Exposure of stolen U.S. government cyber tools case

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions on February 25th against Russian exploit broker Sergei Zelenyuk and his St. Petersburg company Matrix LLC (also known as “Operation Zero”). They are accused of selling stolen U.S. government proprietary network tools, marking the first enforcement case under the “Protecting American Intellectual Property Act” to target the theft of digital trade secrets.

Operation Zero’s Operations and Sanctioned Entities

[Image: US sanctions Russia's Operation Zero. Source: U.S. Department of the Treasury]

“Operation Zero” was launched in 2021 and uses a public bounty system to purchase security vulnerabilities in mainstream operating systems and encrypted communication apps. Multiple bounties have been publicly posted on the X platform. Known rewards include $500,000 for 26 iOS vulnerabilities (November 2025) and $4 million for a complete attack chain vulnerability in Telegram (March 2025).

OFAC states that the exploits sold by “Operation Zero” enable attackers to gain unauthorized access, steal information, or remotely control targeted systems. The client base is explicitly limited to “private and government organizations in Russia,” focusing on offensive security research and software tools.

The sanctions also target two individuals: Oleg Vyacheslavovich Kucherov, a suspected member of the Trickbot cybercriminal group, and Marina Evgenyevna Vasanovich, described as Zelenyuk’s assistant.

Australian Contractor Data Theft Case: $1.3 Million in Cryptocurrency as Key Evidence

The sanctions stem from investigations by the U.S. Department of Justice and FBI into Australian citizen Peter Williams. Williams, a former employee of a U.S. defense contractor, is accused of stealing eight “commercial secret zero-day exploits” between 2022 and 2025 and selling them to “Operation Zero” for $1.3 million in cryptocurrency. Williams pleaded guilty in October 2025 to two counts of trade secret theft.

The U.S. State Department emphasized in a separate statement that the stolen tools were originally intended solely for sale to the U.S. government and its allies, and that their unauthorized resale poses a direct threat to U.S. intelligence capabilities. The Treasury also disclosed that “Operation Zero” is involved in developing espionage software and AI-driven tools to steal personal identification information, recruiting hackers via social media, and establishing contacts with foreign intelligence agencies.

Key Information on the Sanctions

Sanctioned Parties: Sergei Zelenyuk and Matrix LLC (“Operation Zero”), Kucherov, Vasanovich

Legal Basis: Protecting American Intellectual Property Act, marking its first application to digital trade secrets theft cases

Stolen Tools: Eight U.S. government proprietary network tools, originally intended for U.S. government and specific allies

Cryptocurrency Payments: Peter Williams sold stolen zero-day exploits for $1.3 million in cryptocurrency

Highest Bounty: “Operation Zero” previously offered a $4 million reward for a Telegram attack chain vulnerability

Frequently Asked Questions

What is the historical significance of the legal basis for these U.S. Treasury sanctions?

These sanctions are imposed under the Protecting American Intellectual Property Act, and this is the first time the law has been used to combat the theft and sale of digital trade secrets. OFAC states this signifies an expansion of U.S. enforcement tools against cyber tool theft into the realm of trade secrets law, setting an important legal precedent.

What is “Operation Zero,” and how do their vulnerability trading operations work?

“Operation Zero” is a Russian exploit broker led by Sergei Zelenyuk that purchases security vulnerabilities for operating systems and encrypted communication apps through public bounties. Its clients are limited to Russian private and government organizations. The bounty rewards can reach up to $4 million, with transactions publicly posted on X, reflecting transparency in their dealings.

What implications does the use of cryptocurrency payments in this case have for crypto regulation?

Peter Williams was paid $1.3 million in cryptocurrency for the stolen U.S. government zero-day exploits, highlighting cryptocurrency’s role as a primary payment method in transnational cyber espionage. This case raises regulatory concerns about the role of cryptocurrencies in national security crimes and underscores the importance of on-chain tracking tools and anti-money laundering measures in combating such transactions.
