In the opaque world of zero-day vulnerability trading—a high-stakes marketplace where software exploits can fetch millions—discretion and technical pedigree are the traditional currencies. However, a new entrant, IRIS C2, has shattered these norms. Operating out of McLean, Virginia, the startup has begun dangling seven-figure payouts to researchers, promising to acquire "full capabilities" across major software platforms. Behind the veneer of a sophisticated defense contractor lies a familiar pair of architects: the far-right conspiracy theorists and convicted felons Jack Burkman and Jacob Wohl.
The Faces Behind the Code
IRIS C2, which maintains a public-facing profile on X (formerly Twitter) under the handle @C2IRIS, claims to be a premier provider of offensive cybersecurity capabilities. Since its inception in January 2025, the account has amassed over 4,000 followers, broadcasting a recruitment strategy that prioritizes "raw talent" and "high IQ" over formal education or industry credentials.
Public filings and government contracting databases, specifically G2Xchange, link the domain irisc2.com to a Virginia-based entity known as Calvexa Group LLC. The trail leads directly to an office address in Arlington, Virginia, occupied by Jack Burkman, a 60-year-old lobbyist known for his decades-long presence in the darker corners of American political theater. When pressed for comment, Burkman directed inquiries to his longtime partner, 28-year-old Jacob Wohl.
The partnership of Burkman and Wohl is infamous in Washington and beyond. Their career trajectory has been defined by the creation of fake intelligence firms, the fabrication of sexual assault allegations against high-profile political figures, and a series of criminal convictions that have left them with millions of dollars in civil and federal liabilities.
A Chronology of Controversy: From Lobbying to Liability
The transition from political operative to "cybersecurity expert" marks only the latest chapter in a long, litigious history for the pair.

The Fabrication Era (2017–2020)
Long before their pivot to software exploits, the duo gained notoriety for their "intelligence" operations. In 2017, Wohl’s investment funds faced 14 counts of securities fraud in Arizona. By 2019, he pleaded guilty in California to four felony counts of selling unregistered securities. Simultaneously, the pair orchestrated a series of elaborate, demonstrably false press conferences targeting then-FBI Director Robert Mueller, Mayor Pete Buttigieg, Senator Elizabeth Warren, and Vice President Kamala Harris, frequently utilizing fake companies to provide a thin veneer of legitimacy to their smears.
The Robocall Campaigns (2020–2025)
The 2020 presidential election saw the pair shift their focus toward election interference. They were indicted in Cleveland on 15 felony counts for an automated robocall scheme aimed at suppressing the Black vote in Detroit. The legal fallout was immense:
- 2022: The pair pleaded guilty to telecommunications fraud in Ohio, resulting in fines, probation, and community service.
- 2023: A New York civil court ruled they had violated federal and state civil rights laws, ordering a $1 million settlement.
- 2023: The FCC levied a $5.1 million fine against them, marking the largest penalty in the history of the Telephone Consumer Protection Act.
- 2025: Following failed appeals, both were sentenced to probation for their roles in the voter suppression schemes.
The AI Lobbying Gambit (2024)
Before launching IRIS C2, the pair operated a venture called "LobbyMatic," which claimed to utilize artificial intelligence to disrupt the lobbying industry. Investigations by Politico revealed that the company was a ruse, with Wohl operating under the alias "Jay Klein" and Burkman as "Bill Sanders." The facade crumbled when employees resigned upon discovering the true identities and history of their employers.
The IRIS C2 Business Model: Fact vs. Fiction
The current iteration of their enterprise, IRIS C2, presents a striking contrast to the established, secretive firms that dominate the zero-day market. While legitimate defense contractors operate with extreme caution, often requiring rigorous background checks and government security clearances, IRIS C2’s recruitment approach is alarmingly public.
Technical Claims and Capabilities
Jacob Wohl, in an interview with KrebsOnSecurity, described himself as a self-taught technical savant. "I know more about tech than anyone," Wohl asserted, claiming to create "exquisitely exquisite capabilities." He describes the firm’s current workflow as acquiring raw "exploit primitives"—partial vulnerabilities—and refining them into stable, reliable, full-chain exploits for government clients.

Wohl alleges the firm employs 40 individuals, though he claims these employees remain anonymous on platforms like LinkedIn for "operational security." He maintains that IRIS C2 is a penetration testing firm that has successfully transitioned into phone-hacking services for federal contracts. However, these claims remain unverified, and the company does not appear in federal records as having active, direct government contracts.
Supporting Data and Red Flags
The legitimacy of IRIS C2 is undermined by several critical factors:
- The "Ghost" Staff: The claim of 40 employees remains unsubstantiated. In previous ventures, employees have expressed shock upon discovering the true identities of their bosses, suggesting that the "team" may be either nonexistent, comprised of individuals deceived by the pair, or largely fabricated.
- The Cryptocurrency Connection: A report by journalist Molly White revealed that in 2026, the duo was paid a $300,000 retainer by a Canadian cryptocurrency fraudster. The accused, who is wanted internationally for a $65 million theft from platforms like KyberSwap, hired the pair to lobby for a presidential pardon—a task far removed from the technical rigor of vulnerability research.
- The Referral Loop: The firm’s contact page for Calvexa Group simply redirects to the IRIS C2 landing page, suggesting a revolving door of shell entities designed to mask the origin of their operations.
Implications for the Cybersecurity Industry
The entry of figures like Burkman and Wohl into the vulnerability market poses unique risks. The zero-day market is already a "wild west" of sorts, populated by academic researchers and criminal entities alike. However, the introduction of actors with a demonstrated history of fraud and deception creates a "poisoned well" effect.
The Trust Gap
Security researchers often operate on a high level of trust. By attempting to lure researchers with promises of $7 million payouts, IRIS C2 risks disrupting the ethical research ecosystem. If a researcher provides a genuine exploit to a company operated by individuals known for financial fraud, there is a high probability that the exploit—or the researcher’s own identity—could be misappropriated or sold to malicious state actors.
Regulatory and Ethical Concerns
The lack of transparency regarding IRIS C2’s government contracts is perhaps the most concerning implication. If federal agencies are indeed engaging with a firm run by individuals convicted of telecommunications fraud and election interference, it suggests a profound breakdown in the vetting process for sensitive defense contractors.

Furthermore, the brazen nature of their marketing—openly boasting on LinkedIn and X about purchasing vulnerabilities—invites unnecessary scrutiny from international regulators and intelligence agencies. In a field that thrives on the "dark" nature of its work, IRIS C2 acts as a high-visibility target that could trigger broader crackdowns on the vulnerability research industry as a whole.
Conclusion
The rise of IRIS C2 is less a technological breakthrough and more a continuation of a pattern of predatory opportunism. By rebranding themselves as cyber-mercenaries, Burkman and Wohl are leveraging the high-value, high-anonymity nature of the vulnerability market to sustain their operations. For the cybersecurity community, the lesson is clear: the most dangerous exploits may not be the ones found in software, but the ones found in the people soliciting them. As long as IRIS C2 continues to operate under the shadow of its founders’ checkered past, it remains a cautionary tale of how the tools of modern digital warfare can be easily weaponized by those with no regard for the law.
