From Political Operatives to Cyber-Mercenaries: The Rise of IRIS C2

In the shadowy, high-stakes world of zero-day vulnerability trading—where individual software exploits can fetch seven-figure payouts—a new player has emerged, promising to disrupt the market with aggressive recruitment and exorbitant financial incentives. IRIS C2, a McLean, Virginia-based firm that appeared on the scene in early 2025, claims to specialize in "offensive cybersecurity capabilities." However, beneath its veneer of high-tech legitimacy lies a venture operated by two of the most notorious figures in modern American political disinformation: Jack Burkman and Jacob Wohl.
The startup, which maintains a public-facing profile on X (formerly Twitter) with over 4,000 followers, is effectively the latest evolution in a long line of ventures spearheaded by a pair known more for their history of felony convictions and fraudulent schemes than for expertise in software engineering or network security.
The Business Model: Big Promises and "Raw Talent"
IRIS C2’s public posture is one of extreme confidence. Their website, irisc2[.]com, offers a menu of payouts ranging from $10,000 to a staggering $7 million for "zero-day exploits, individual primitives, partial chains, and full capabilities across all major platforms."
Their recruiting strategy is unorthodox, favoring raw, uncredentialed talent over traditional academic or industry backgrounds. A pinned post on their X account declares: “We don’t care if they have a college degree/industry experience.” This meritocratic rhetoric serves as a lure for junior engineers, promising them a gateway into the lucrative and secretive world of offensive security.
Behind the scenes, however, the firm is inextricably linked to Calvexa Group LLC. Government contracting portals like g2exchange.com identify Calvexa as the operator of the IRIS C2 domain. While Calvexa is registered as a federal contractor, it appears to hold no active, direct government contracts, raising questions about the firm’s actual revenue streams and its ability to deliver on the multi-million dollar promises made to potential researchers.

A History of Deception: The Wohl-Burkman Chronology
To understand the skepticism surrounding IRIS C2, one must examine the track record of its principals. The partnership between 60-year-old Jack Burkman and 28-year-old Jacob Wohl is a well-documented history of "clout-chasing," regulatory fraud, and political sabotage.
The Disinformation Era (2018–2020)
Burkman and Wohl first rose to national prominence as architects of elaborate, fabricated intelligence operations. Their typical playbook involved creating shell companies to launch smear campaigns against high-profile targets.
- The Mueller/Buttigieg Smears: In 2018 and 2019, the duo held press conferences attempting to peddle false sexual assault allegations against then-FBI Director Robert Mueller and Democratic presidential candidate Pete Buttigieg. Both efforts were widely debunked and mocked for their amateurish execution.
- Targeting the Democratic Establishment: Their attempts to frame Sen. Elizabeth Warren and Kamala Harris with fabricated claims of extramarital affairs further cemented their reputation as political provocateurs operating outside the bounds of ethical discourse.
The Robocall Campaigns and Legal Reckoning (2020–2023)
The pair’s pivot from political "intelligence" to illegal telecommunications activity resulted in a cascade of legal consequences:
- 2020: They were indicted in Cleveland on 15 felony counts for orchestrating a mass-robocall scheme aimed at suppressing the Black vote in Detroit.
- 2022: Both men pleaded guilty to a single felony count of telecommunications fraud in Ohio. The sentencing included fines, probation, and mandatory community service.
- 2023: The Federal Communications Commission (FCC) levied a record-breaking $5.1 million fine against the pair for their robocall campaigns, marking the largest penalty ever sought under the Telephone Consumer Protection Act.
- 2025: After exhausted appeals, they were sentenced to probation for the Detroit suppression scheme.
The "LobbyMatic" Era: Corporate Identity Theft
Before the inception of IRIS C2, the duo attempted to enter the AI-lobbying space with a firm called "LobbyMatic." According to a 2024 Politico investigation, the pair operated under the pseudonyms "Jay Klein" and "Bill Sanders." The deception was so thorough that employees only realized the true identities of their employers after resigning. The company collapsed amid revelations that its "AI-powered" promises were largely hollow.
Technical Claims vs. Reality
When questioned about his qualifications to run a firm focused on high-level cyber exploits, Jacob Wohl displayed the same bravado that defined his early years as the self-styled "Wohl of Wall Street." Despite a lack of formal education in computer science, Wohl asserted in an interview with KrebsOnSecurity, "I know more about tech than anyone. My background has always been extremely technical."

Wohl claims the company currently employs 40 individuals. However, he maintains that none of these employees are permitted to list their employment on LinkedIn for "operational security reasons"—a convenient excuse that allows the firm to operate without the scrutiny of industry verification.
When asked about the firm’s actual output, Wohl provided vague descriptions of refining "exploit primitives." He claimed that researchers bring the company preliminary findings—such as flaws in mobile media decoders—which his team then "stabilizes." Whether this process actually results in functional government-grade exploits or if it is merely another iteration of the "LobbyMatic" smoke-and-mirrors approach remains a matter of intense industry speculation.
Implications for the Cybersecurity Market
The entry of IRIS C2 into the zero-day market highlights a troubling trend: the "commodification of chaos." The legitimate market for zero-day vulnerabilities is already opaque, occupied by a mix of sovereign-linked research labs, defense contractors, and academic white-hats. By introducing actors with a history of fraud and disinformation, the ecosystem risks reputational contamination.
The Risk to Researchers
For the young, junior engineers whom IRIS C2 aggressively targets, the risks are tangible. If the firm is unable to secure, monetize, or legally manage these exploits, young researchers may find themselves:
- Unpaid: Given the duo’s history of financial instability and legal fines, the "million-dollar payouts" may prove to be illusory.
- Legally Exposed: Dealing in zero-day exploits carries significant legal weight. Working for an entity that lacks the proper legal standing or contracting clearance could place researchers in the crosshairs of federal investigators.
- Reputationally Damaged: Associating with a firm operated by convicted felons known for spreading disinformation is a career-ending move in an industry that prizes ethics, reliability, and security clearance eligibility.
Industry Scrutiny
The cybersecurity community has historically been self-policing. When conference attendees reported that IRIS C2 representatives were "pestering" researchers to sell their work, it sent a red flag through the community. Most legitimate government contractors recruit through formal, vetted channels; they do not operate through the pseudonymous, LinkedIn-hidden, Twitter-driven model adopted by IRIS C2.

Conclusion
IRIS C2 stands at the intersection of two volatile industries: the unregulated, high-profit world of cyber-offense and the high-risk, low-integrity world of political disinformation. While Jacob Wohl and Jack Burkman have proven remarkably resilient in the face of lawsuits, fines, and public exposure, the cybersecurity sector is fundamentally different from the world of political lobbying.
In cybersecurity, results are measurable, exploits either work or they don’t, and the oversight provided by government clients is rigorous. Whether IRIS C2 is a legitimate attempt at a business pivot or simply the latest "shell" in a long career of deceptive ventures, its presence serves as a reminder of the need for extreme due diligence in the vulnerability market. For now, the "Wohl of Wall Street" appears to have found a new, more dangerous stage—but the audience, both in the tech community and in government, is watching with a skeptical eye.
