Skip to content

Security Startup IRIS C2 Operated by Convicted Conspirators

In a nutshell: Exploit-buying firm IRIS C2 is run by two repeatedly convicted conspiracy theorists involved in disinformation campaigns and illegal robocall operations.

IRIS C2, a company specializing in the purchase of zero-day exploits, is operated by Jack Burkman and Jacob Wohl — two convicted actors with a history in disinformation campaigns and illegal robocall operations. This is relevant for CISOs as it raises questions about the security and integrity of vulnerability brokering platforms.

Registered in McLean, Virginia, IRIS C2 has been marketing itself since January 2025 on X/Twitter (account: @C2IRIS, over 4,000 followers) as a buyer for zero-day exploits and security vulnerabilities. The website irisc2.com advertises payouts between $10,000 and $7 million for exploits, depending on the target, reliability, and operational value. The company presents itself as a recruiter for security researchers and exploit developers.

Behind IRIS C2 stands Calvexa Group LLC, a holding company registered in Virginia, whose business address in Arlington belongs to 60-year-old Jack Burkman, founder of the lobbying firm Burkman & Associates. The primary contact person for IRIS C2 is 28-year-old Jacob Wohl, a long-time business partner of Burkman’s. Both have multiple prior convictions: in 2022, they pleaded guilty in Ohio to telecommunications fraud (fine, probation, community service). In December 2025, they received probation sentences following their conviction on 15 charges related to illegal robocall campaigns aimed at suppressing voter turnout in Detroit. In 2023, a New York court found that both had violated federal and state civil rights laws; they paid a settlement of $1 million. In June 2023, the FCC imposed a fine of $5.1 million against Wohl and Burkman — then the highest penalty for robocall campaigns.

Burkman and Wohl are known for establishing fake news outlets through which they conducted disinformation campaigns against politicians. They spread fabricated allegations of sexual assault against FBI Director Robert Mueller and Pete Buttigieg; in 2019, they falsely claimed that Senator Elizabeth Warren and Kamala Harris had had affairs. In 2023, they operated an AI-based lobbying platform under assumed names.

The fact that individuals with such a background now operate a vulnerability broker raises significant questions for the security ecosystem. CISOs should consider how exploit-driven incentive structures can be abused in extreme cases and what due diligence obligations are necessary when dealing with firms like IRIS C2.


Source: krebsonsecurity.com · Published July 8, 2026
Lumi AI News — AI-assisted curation in accordance with Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.3.

Share on: