The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed anctions on Matrix LLC (also known as Operation Zero), its owner Sergey Sergeyevich Zelenyuk, and several associated individuals and companies for their roles in acquiring and trading sophisticated cyber-attack tools stolen from a U.S. defense contractor. This action is the first enforcement of the Protecting American Intellectual Property Act (PAIPA), a law targeting foreign entities that profit from stealing U.S. trade secrets and proprietary technology. The sanctions freeze any U.S.-held assets of the designated parties and prohibit U.S. persons and entities from engaging in financial or commercial transactions with them.

OFAC’s designation follows revelations that Operation Zero obtained at least eight proprietary cyber tools — specialized software exploit components designed for exclusive use by the U.S. government and allied intelligence agencies — andthen resold them to at least one unauthorized user. These “exploits” are pieces of code that take advantage of previously unknown vulnerabilities in widely used software, enabling unauthorized access, data theft, or control of targeted systems. Operation Zero has also publicly offered large bounties to researchers for uncovering and submitting exploits, including for mobile operating systems and encrypted messaging platforms.

The sanctions coincide with the criminal prosecution and sentencing of Peter Williams, a 39-year-old Australian national and former general manager of Trenchant, a cyber-security unit owned by U.S. defense contractor L3Harris.Williams pleaded guilty to stealing the eight zero-day tools from Trenchant between 2022 and 2025 and selling them to Operation Zero in exchange for approximately $1.3 million in cryptocurrency, despite those tools being intended solely for U.S. government and allied use. He was sentenced to 87 months in prison, highlighting the serious national security implications of insider threats in the defense industrial base.

‍