An Australian executive who pleaded guilty to selling sensitive cyber tools to a Russian broker was paid in crypto under contracts promising millions more, placing crypto at the center of a case prosecutors say endangered Five Eyes intelligence capabilities.
Prosecutors alleged Peter Williams, an Australian national and U.S. resident, sold eight protected cyber-exploit components, including zero-day capabilities, to a Russia-based broker known to do business with the Russian government.
The tools were developed for use by the U.S. intelligence community and shared with Five Eyes partners, a signals intelligence alliance that includes the U.S., the UK, Canada, Australia, and New Zealand.
The companies involved have lost more than $35 million, per the memo, which added that Williams kept selling exploits through July 2025 even after he knew the FBI was investigating.
Williams also allegedly moved the crypto through anonymized transactions before cashing out and spending over $715,000 on vacations, luxury cars, jewelry, and a $1.5 million down payment for a Washington property.
Prosecutors are seeking a sentence of nine years in prison, $35 million in mandatory restitution, a fine of $250,000, and three years of supervised release.
The case places crypto at the center of an espionage-linked prosecution involving offensive cyber capabilities. While the charges focus on theft of trade secrets rather than espionage statutes, the government argues the breach endangered intelligence operations shared among Five Eyes allies and risked exposing tools that could be repurposed or sold onward.
Prosecutions in the past few years show how crypto has surfaced in espionage and national security cases.
William case shows that crypto is “increasingly appearing as a payment rail in national-security and espionage-adjacent crimes—not because it is inherently anonymous, but because it allows fast, cross-border value transfer outside traditional financial chokepoints,” Angela Ang, head of policy and strategic partnerships for Asia Pacific at TRM Labs, told Decrypt.
“We’ve seen crypto used to facilitate ransomware, sanctions evasion, and now the illicit sale of sensitive cyber tools,” Ang said, noting how regulated exchanges have “far stronger controls than even a few years ago, including blockchain analytics, sanctions screening, and transaction monitoring.”
Still, in many cases, “crypto transactions are more traceable than cash or informal value transfer systems.”
Gaps remain when actors “deliberately route funds through offshore platforms, unregulated brokers, or peer-to-peer channels,” she said. “When crypto is used to pay for the sale of sensitive capabilities, like in this case, authorities should treat it as both a financial crime and a national security threat.”
