The U.S. Treasury Department has slapped sanctions on a Russian cyber-exploit broker and several people tied to its operations for buying stolen hacking tools from a U.S. military contractor.

The sanctions target a St. Petersburg-based company known as Matrix LLC, which does business as Operation Zero, its owner Sergey Sergeyevich Zelenyuk, and five affiliated individuals and firms. They were designated under the Protecting American Intellectual Property Act — marking the first time the law has been used since it was passed.

According to the Treasury’s Office of Foreign Assets Control (OFAC), the broker purchased a number of sensitive hacking tools that were stolen from Trenchant, a cybersecurity division of U.S. defense contractor L3Harris. These tools — known as zero-day exploits — are cutting-edge software vulnerabilities that had been developed for use only by the U.S. government and its intelligence partners but can be abused to break into systems if they fall into the wrong hands.

The sanctions come at the same time that Peter Williams, a 39-year-old former Trenchant executive, was sentenced to 87 months in prison for stealing and selling at least eight of these exploits to Operation Zero in exchange for roughly $1.3 million in cryptocurrency.

Operation Zero has been known for offering large rewards to hackers in exchange for new cybersecurity flaws, including those affecting widely used operating systems and encrypted messaging apps. The Treasury said freezing the assets and cutting off U.S. ties to the company and its associates will hinder their ability to profit from stolen U.S. technology and reduce risks to national security.