From Political Dirty Tricks to Zero-Day Exploits: The Shadowy Rebirth of Wohl and Burkman

In the high-stakes, hyper-competitive world of cybersecurity, the acquisition of “zero-day” vulnerabilities—previously unknown security flaws in software—is a multi-billion dollar industry. It is a market that typically demands extreme discretion, rigorous technical pedigree, and deep-seated institutional trust. However, a new player has emerged in McLean, Virginia, that is shattering the industry’s norms: IRIS C2.

The firm, which dangles multi-million dollar payouts for high-level exploits, is being run by a duo synonymous with political chaos and serial deception: Jacob Wohl and Jack Burkman. For years, the pair have been fixtures of the far-right fringe, known for orchestrating elaborate, often illegal, smear campaigns. Now, they have pivoted to the offensive cyber-intelligence space, raising urgent questions about the safety of the software supply chain and the vetting processes governing federal contractors.

The IRIS C2 Gambit: A High-Stakes Hustle

Since its inception in January 2025, the X (formerly Twitter) account @C2IRIS has cultivated a persona of cutting-edge expertise, accumulating over 4,000 followers. The account acts as a digital storefront for offensive cybersecurity capabilities, actively recruiting "junior engineers with raw talent" while explicitly dismissing the need for formal degrees or industry experience.

On their website, irisc2[.]com, the company presents itself as a sophisticated broker of software exploits. They claim to acquire everything from "individual primitives" to "full chains," offering rewards ranging from $10,000 to an eye-watering $7 million for high-value targets. This pricing structure mirrors—and in some cases exceeds—the bounties offered by reputable, government-vetted firms, a move industry experts suggest is designed to "clout-chase" and entice young, impressionable researchers.

Felons, Fraudsters Flog Offensive Cybersecurity Startup

The business is legally tied to Calvexa Group LLC, a Virginia-based entity registered as a federal contractor. While public records confirm their status in the government contracting portal, there is no public evidence of direct federal contracts, leaving observers to wonder exactly who the firm’s ultimate customers might be—or if they exist at all.

A History of Fabrications: The Wohl-Burkman Chronology

To understand the skepticism surrounding IRIS C2, one must look at the long, litigious history of its operators. The pair has spent nearly a decade constructing a narrative of deception.

  • 2015–2017: A teenage Jacob Wohl rises to prominence as the "Wohl of Wall Street," appearing on Fox News to tout hedge funds. The charade ends when the Arizona Corporation Commission charges him with 14 counts of securities fraud.
  • 2018–2019: Wohl and Burkman pivot to political "intelligence." They gain notoriety for fabricating sexual assault allegations against FBI Director Robert Mueller and presidential candidate Pete Buttigieg. They also hold press conferences to level baseless claims against Kamala Harris and Elizabeth Warren.
  • 2019: Wohl pleads guilty in California to four felony counts of selling unregistered securities.
  • 2020: During the heat of the presidential election, the duo launches a massive robocall campaign targeting voters in battleground states with disinformation regarding mail-in ballots.
  • 2022–2023: The legal consequences mount. The pair pleads guilty to telecommunications fraud in Ohio. A New York court forces a $1 million settlement for civil rights violations, and the FCC hits them with a $5.1 million fine—the largest in the history of the Telephone Consumer Protection Act.
  • 2024: The pair launches "LobbyMatic," an AI-based lobbying firm. An investigation by Politico reveals they were operating under pseudonyms—Wohl as "Jay Klein" and Burkman as "Bill Sanders." The company collapses after employees discover they were working for the disgraced duo.

The Mechanics of the "Technical" Facade

Despite his history of political disinformation, Jacob Wohl remains defiant regarding his technical credentials. In an interview with KrebsOnSecurity, Wohl claimed that he does not require a formal background in computer science because his knowledge is "self-taught."

"I know more about tech than anyone," Wohl stated. "My background has always been extremely technical… I’m able to create spectacularly exquisite capabilities that would make your head spin."

Felons, Fraudsters Flog Offensive Cybersecurity Startup

Wohl characterizes IRIS C2 as a shop that refines "preliminary" vulnerability findings into stable, usable exploits. He claims the company employs roughly 40 people, though he asserts that for "operational security reasons," none are permitted to list their employment on LinkedIn. This secrecy, while common in elite intelligence circles, takes on a sinister tone when paired with the duo’s history of creating "fake intelligence companies" where employees were unaware of who they were actually working for.

Industry observers note that the transition from running fake smear-campaign companies to "vulnerability research" is not a pivot of substance, but a pivot of medium. Both require a baseline of digital infrastructure, the ability to mimic industry jargon, and the skill to manipulate public perception—or, in this case, the perception of potential recruits.

Implications for the Cybersecurity Industry

The emergence of IRIS C2 highlights a significant gap in the oversight of the private cybersecurity sector. The market for zero-day exploits is inherently opaque, often existing in a "gray market" where researchers, state actors, and private firms collide.

The Risk to Talent

The most immediate danger posed by IRIS C2 is to the young researchers they are aggressively recruiting. By dangling millions of dollars, the firm may be attracting inexperienced, high-IQ individuals who are unaware of the legal or ethical risks involved in working for a company run by convicted felons. If these researchers are providing genuine exploits to an organization that may be misrepresenting itself to the government, they could inadvertently find themselves entangled in federal investigations.

Felons, Fraudsters Flog Offensive Cybersecurity Startup

The Erosion of Trust

The cybersecurity industry relies on a "trusted network" model. When companies like IRIS C2 enter the space with aggressive, "brazen" marketing, it disrupts the trust required for legitimate vulnerability disclosure programs. Furthermore, the potential for these exploits to be leaked or sold to non-state actors is a primary concern for national security experts. If IRIS C2 is, as Wohl claims, involved in "phone-hacking services," the potential for abuse—whether for surveillance or corporate espionage—is immense.

Federal Oversight Challenges

The fact that Calvexa Group LLC remains a registered federal contractor despite the operators’ extensive criminal records is a glaring indicator of a breakdown in vetting. While the firm appears to lack active, direct contracts, their presence in the ecosystem provides them with a veneer of legitimacy that could be used to deceive clients, partners, or even government agencies.

Conclusion: A Pattern of Behavior

The transformation of Jacob Wohl and Jack Burkman into cybersecurity entrepreneurs is a development that should alarm any organization involved in the digital defense space. Their track record is not one of business innovation, but of serial exploitation. Whether it is defrauding investors, suppressing votes, or faking intelligence reports, the duo has consistently demonstrated a willingness to break the law to achieve their ends.

As of now, IRIS C2 remains a volatile, unverified, and highly suspicious entity. While they claim to be on the cutting edge of offensive security, their history suggests they are more adept at crafting illusions than code. Until the government or independent security researchers can definitively verify the provenance of the exploits they claim to possess, IRIS C2 should be treated not as a legitimate cybersecurity firm, but as the latest iteration of the Wohl-Burkman "intelligence" grift—one that poses a genuine risk to the security of the platforms and individuals they claim to protect.