IRIS C2 Cybersecurity Startup Secretly Run by Fraudsters
The IRIS C2 cybersecurity startup promises millions of dollars for undiscovered zero-day vulnerabilities. Furthermore, it offers mobile phone hacking tools directly to government agencies. However, two convicted political provocateurs orchestrate this high-profile venture. These individuals possess a dark history of pervasive fraud and operating under fictitious aliases.
Emergence of a Controversial Venture
Initially, investigative journalist Brian Krebs directed public attention toward this company. He exposed the convicted felons managing the offensive cybersecurity startup. IRIS C2 emerged across various social media platforms during January 2025. Since then, the organization actively publishes materials regarding vulnerabilities, artificial intelligence, and sophisticated hacking tools. On its official website, the firm brands itself as a premier provider of offensive cyber capabilities. They claim to operate exclusively out of McLean, Virginia.
Lucrative Bounties for Exploits
Consequently, IRIS C2 asserts that it actively procures zero-day vulnerabilities. They also purchase distinct components of malicious exploit chains and fully developed attack tools. Allegedly, their financial compensation ranges from $10,000 to a staggering $7 million. Ultimately, these massive payouts depend on the specific target, overall reliability, and the practical value of the exploit.
Unconventional Hiring Practices
Additionally, the company aggressively recruits young professionals who excel at discovering vulnerabilities. They desperately want individuals capable of engineering robust exploitation tools. Interestingly, formal academic degrees and prior professional experience remain completely optional for prospective candidates. Instead, IRIS C2 states that raw talent and exceptional intellect serve as their primary hiring criteria.
Unraveling the Corporate Facade
According to data from the government procurement portal G2Exchange, a Virginia-registered entity named Calvexa Group LLC manages the IRIS C2 website. This firm officially lists itself as a federal government contractor. Nevertheless, public databases contain absolutely no records of direct federal contracts awarded to them.
Deflecting Accountability
The registered address for Calvexa Group connects directly to controversial lobbyist Jack Burkman. When questioned about IRIS C2, Burkman quickly deflected inquiries toward his longtime partner, Jacob Wohl. Both men previously established fictitious intelligence companies together. Furthermore, they intentionally disseminated fabricated allegations against prominent American politicians. They also actively participated in illicit, widespread robocall campaigns.
A Documented History of Fraud
During 2022, Burkman and Wohl pleaded guilty to severe telecommunications fraud charges in Ohio. Consequently, the presiding judge sentenced them to substantial fines, strict probation, and mandatory community service. Later, the US Federal Communications Commission levied a massive $5.1 million fine against the partners. This severe penalty punished them for a robocall campaign spreading dangerous disinformation about mail-in voting.
Shifting Business Operations
Wohl recently spoke with reporters and explained the company’s overall trajectory. He stated that IRIS C2 initially focused on routine computer system security audits. Eventually, however, they decisively pivoted toward selling mobile phone hacking tools to government entities. According to Wohl, the company extensively refines raw vulnerabilities discovered by external security researchers. Ultimately, they transform these flaws into stable, practically applicable attack weapons.
Questionable Employee Claims
Wohl also claimed that IRIS C2 currently employs approximately 40 dedicated staff members. Allegedly, executive management strictly prohibits these employees from listing their workplace on LinkedIn. However, independent investigators could not verify this exact employee count whatsoever. Furthermore, Wohl himself completely lacks any formal education in computer science or information security. Instead, he brazenly asserts that he acquired all necessary technical knowledge entirely independently.
Previous Deceptive Ventures and Lobbying
Previously, Wohl and Burkman managed a controversial platform called LobbyMatic. This dubious service purportedly utilized artificial intelligence for sophisticated political lobbying efforts. Ultimately, journalists discovered that the partners systematically concealed their true identities from employees and clients alike. Unsurprisingly, several workers immediately resigned from the company after uncovering the true identities of the project leaders.
Securing Funds from Cybercriminals
In March 2026, journalist Molly White reported another alarming financial transaction. She revealed that Burkman and Wohl received $300,000 from a notorious cybercriminal. Federal authorities recently charged this individual with a $65 million cryptocurrency hacking scheme involving KyberSwap and Indexed Finance. In exchange for this exorbitant fee, the partners promised to aggressively lobby for his ultimate presidential pardon.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.