{"id":16518,"date":"2026-07-08T20:54:53","date_gmt":"2026-07-08T20:54:53","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=16518"},"modified":"2026-07-08T20:54:53","modified_gmt":"2026-07-08T20:54:53","slug":"felons-fraudsters-flog-offensive-cybersecurity-startup-krebs-on-safety","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=16518","title":{"rendered":"Felons, Fraudsters Flog Offensive Cybersecurity Startup \u2013 Krebs on Safety"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p>A cybersecurity startup dangling thousands and thousands of {dollars} to amass zero-day safety vulnerabilities in well-liked software program is run by a pair of far-right conspiracy theorists and convicted felons whose most up-to-date ventures included pretend intelligence corporations and a now-defunct AI-based lobbying platform they operated beneath assumed names.<\/p>\n<p>The X\/Twitter account <strong>IRIS C2<\/strong> (@C2IRIS) has gained greater than 4,000 followers since its creation in January 2025, posting ceaselessly about safety vulnerabilities, AI and software program exploits. IRIS C2 says it&#8217;s a firm in McLean, Va. that sells offensive cybersecurity capabilities.<\/p>\n<div id=\"attachment_73902\" style=\"width: 760px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" aria-describedby=\"caption-attachment-73902\" decoding=\"async\" class=\" wp-image-73902\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/06\/irisc2prices.png\" alt=\"\" width=\"750\" height=\"458\" srcset=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/06\/irisc2prices.png 1359w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/06\/irisc2prices-768x469.png 768w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/06\/irisc2prices-782x478.png 782w\" sizes=\"auto, (max-width: 750px) 100vw, 750px\"\/><\/p>\n<p id=\"caption-attachment-73902\" class=\"wp-caption-text\">The IRIS C2 web site dangles the potential of million-dollar payouts for exploits to draw expertise.<\/p>\n<\/div>\n<p>\u201cOur enterprise mannequin is that this,\u201d reads a pinned submit on high of the IRIS C2 account on X. \u201cEntice the easiest vulnerability researchers and exploit builders on the planet to hitch our firm. This largely revolves round junior engineers with uncooked expertise\/extraordinarily excessive IQ. We don\u2019t care if they&#8217;ve a school diploma\/trade expertise.\u201d<\/p>\n<p>The web site linked in that profile \u2014 <strong>irisc2[.]com<\/strong> \u2014 says the corporate is hiring for a variety of open positions, and a current submit on its LinkedIn web page enthuses about an awesome variety of purposes from potential workers. The web site claims IRIS C2 is within the enterprise of buying \u201czero-day exploits, particular person primitives, partial chains, and full capabilities throughout all main platforms. Payouts vary from $10,000 to $7 million relying heading in the right direction, reliability, and operational worth.\u201d<\/p>\n<p>The federal government contracting portal <strong>g2exchange.com<\/strong> <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/g2xchange.com\/app\/companies\/Q38JJNA3WAT4\" target=\"_blank\" rel=\"noopener\">experiences<\/a> that irisc2[.]com is operated by a enterprise primarily based in Virginia known as <strong>Calvexa Group LLC<\/strong>. The \u201ccontact\u201d hyperlink on the web site for Calvexa Group \u2014 <strong>calvexagroup[.]com<\/strong> \u2014 forwards guests to irisc2[.]com. G2Exchange exhibits that whereas Calvexa Group LLC is registered as a federal contractor, it doesn&#8217;t seem like engaged on any direct authorities contracts.<\/p>\n<p>A search on the Arlington, Va. deal with listed within the incorporation information for Calvexa Group LLC finds the property is occupied by <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Jack_Burkman\" target=\"_blank\" rel=\"noopener\"><strong>Jack Burkman<\/strong><\/a>, the 60-year-old founder and managing accomplice of the lobbying agency <strong>Burkman &amp; Associates<\/strong>. When approached with questions on IRIS C2, Burkman referred additional inquiries to his longtime affiliate, 28-year-old <strong>Jacob Wohl<\/strong>.<\/p>\n<div id=\"attachment_73904\" style=\"width: 805px\" class=\"wp-caption aligncenter\"><img aria-describedby=\"caption-attachment-73904\" decoding=\"async\" loading=\"lazy\" class=\"size-full wp-image-73904\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/07\/burkman-wohl.png\" alt=\"\" width=\"795\" height=\"524\" srcset=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/07\/burkman-wohl.png 795w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/07\/burkman-wohl-768x506.png 768w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/07\/burkman-wohl-782x515.png 782w\" sizes=\"auto, (max-width: 795px) 100vw, 795px\"\/><\/p>\n<p id=\"caption-attachment-73904\" class=\"wp-caption-text\">Jack Burkman (left) and Jacob Wohl, at a press convention in August 2020. Picture: Wikipedia.<\/p>\n<\/div>\n<p>Burkman and Wohl have a <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Jacob_Wohl\" target=\"_blank\" rel=\"noopener\">storied historical past<\/a> of making pretend intelligence corporations and utilizing them to unfold false claims about and body public figures, together with fabricated sexual assault claims in opposition to then FBI director <strong>Robert Mueller<\/strong>, and <strong>Pete Buttigieg<\/strong>, then mayor of South Bend, Indiana and a Democratic candidate for the presidency. In 2019, Burkman and Wohl held press conferences falsely alleging extramarital affairs by <strong>Sen. Elizabeth Warren<\/strong> (D-Mass.) and then-2020 presidential candidate <strong>Kamala Harris<\/strong>.<\/p>\n<p>Within the wake of the 2020 presidential election, Wohl and Burkman have been prosecuted by a number of U.S. states for making 1000&#8217;s of robocalls to residents of battleground states and disseminating false claims about mail-in ballots. They have been indicted in Cleveland on 15 felony counts of orchestrating a robocall scheme geared toward suppressing the black vote in Detroit, and have been <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/apnews.com\/article\/2022-midterm-elections-ohio-cleveland-893b60cd297b918f9e1b193c25caee97\" target=\"_blank\" rel=\"noopener\">sentenced in late 2025<\/a> to probation after their appeals to dismiss the fees have been rejected.<span id=\"more-73834\"\/><\/p>\n<p>In 2022, Wohl and Burkman each pleaded responsible to a single felony cost of telecommunications fraud in Ohio, and sentenced to a advantageous, probation, and neighborhood service. In March 2023, a decide in a New York civil case dominated that Wohl and Burkman had violated federal and state civil rights legal guidelines, and the 2 agreed to pay a $1 million settlement.<\/p>\n<p>In June 2023, the <strong>Federal Communications Fee<\/strong> (FCC) imposed a $5.1 million advantageous in opposition to Wohl and Burkman for his or her robocall campaigns, on the time the most important advantageous ever sought by the FCC beneath the Phone Shopper Safety Act.<\/p>\n<div id=\"attachment_73906\" style=\"width: 759px\" class=\"wp-caption aligncenter\"><img aria-describedby=\"caption-attachment-73906\" decoding=\"async\" loading=\"lazy\" class=\" wp-image-73906\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/07\/jayglxr-github.png\" alt=\"\" width=\"749\" height=\"439\" srcset=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/07\/jayglxr-github.png 1254w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/07\/jayglxr-github-768x451.png 768w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/07\/jayglxr-github-782x459.png 782w\" sizes=\"auto, (max-width: 749px) 100vw, 749px\"\/><\/p>\n<p id=\"caption-attachment-73906\" class=\"wp-caption-text\">Jacob \u201cJay\u201d Wohl\u2019s GitHub account.<\/p>\n<\/div>\n<p>By the age of 17, Wohl had began a number of funding corporations, and cultivated the nickname \u201cWohl of Wall Road\u201d after showing on Fox Information in 2015 to debate his new hedge funds. In 2017, the Arizona Company Fee charged Wohl and his funding funds with 14 counts of securities fraud, and ordered him to pay $35,000 in restitution. In 2019, Wohl pleaded responsible in California to 4 felony counts of promoting unregistered securities and was sentenced to 2 years of probation.<\/p>\n<p>The marketplace for beforehand unknown safety vulnerabilities has all the time been populated by a colourful mixture of researchers, teachers, charlatans, clout-chasers and other people actively concerned in cybercrime communities. However the marketplace for promoting offensive safety providers to the U.S. authorities tends to be much more circumspect. Loads of authorities contractors recruit vulnerability researchers and pay for the unique rights to novel software program exploits, but none of them achieve this fairly as overtly and overtly as IRIS C2.<\/p>\n<div id=\"attachment_73951\" style=\"width: 604px\" class=\"wp-caption aligncenter\"><img aria-describedby=\"caption-attachment-73951\" decoding=\"async\" loading=\"lazy\" class=\"size-full wp-image-73951\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/07\/irisc2x.png\" alt=\"\" width=\"594\" height=\"842\"\/><\/p>\n<p id=\"caption-attachment-73951\" class=\"wp-caption-text\">Latest posts from the Twitter\/X account IRISC2 (@c2iris).<\/p>\n<\/div>\n<p>Certainly, KrebsOnSecurity was unaware of IRIS C2 till final month, when an attendee at a regional cybersecurity convention shared that Wohl and Calvexa Group have been pestering individuals on the convention about promoting their vulnerability analysis.<\/p>\n<p>In an interview with KrebsOnSecurity, Wohl stated Mr. Burkman was not concerned within the day-to-day operations of IRIS C2. Wohl shared that IRIS C2 initially started as a penetration testing firm, however shifted its focus lately to promoting phone-hacking providers to the federal government. A number of occasions all through the interview, Mr. Wohl talked about engaged on federal authorities contracts, however when pressed for specifics stated he was not at liberty to talk publicly about them.<\/p>\n<p>Mr. Wohl stated he doesn&#8217;t have any formal schooling or coaching in laptop science or info safety, and that almost all of his data on the matter is self-taught.<\/p>\n<p>\u201cI do know extra about tech than anybody,\u201d Wohl bragged. \u201cMy background has all the time been extraordinarily technical, and I\u2019ve all the time been deeply into tech. Folks know me as somebody who is ready to create spectacularly beautiful capabilities that will make your head spin.\u201d<\/p>\n<p>Wohl stated safety researchers convey the corporate distinctive vulnerability findings \u201cfrequently,\u201d however that in lots of circumstances these findings are preliminary and never absolutely fleshed-out.<\/p>\n<p>\u201cLet\u2019s say somebody finds a flaw in a media decoder on a cellphone,\u201d Wohl stated. \u201cPlenty of occasions what we obtain is an exploit primitive, the place the concept is there however the [execution] wants work. You want that exploit to be secure and dependable, and that\u2019s what we do.\u201d<\/p>\n<p>Wohl claims IRIS C2 has roughly 40 workers, though he stated none of them are allowed to record their employment on LinkedIn for operational safety causes. In Might, the creator of the IRIS C2 account on X stated that his girlfriend had no thought what he did for a dwelling. But when IRIS C2 has another workers, they might be equally unaware of Mr. Wohl\u2019s historical past of outright fabrications \u2014 and even his actual identify.<\/p>\n<p>In September 2024, <strong>Politico<\/strong> <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.politico.com\/news\/2024\/09\/02\/jacob-wohl-jack-burkman-ai-lobbying-pseudonyms-00176917\" target=\"_blank\" rel=\"noopener\">reported<\/a> that Burkman and Wohl have been bragging about huge corporations supposedly shopping for providers from their now-defunct firm <strong>LobbyMatic<\/strong>, which claimed to make use of synthetic intelligence to help in political lobbying efforts. Nevertheless, Politico discovered the pair have been operating the corporate utilizing pseudonyms, with Wohl reportedly adopting the identify \u201cJay Klein\u201d and Burkman utilizing the moniker \u201cInvoice Sanders.\u201d Politico reported that two of the previous LobbyMatic workers resigned after studying of their true identities, whereas different workers solely discovered after that they had left the corporate.<\/p>\n<\/p><\/div>\n\n","protected":false},"excerpt":{"rendered":"<p>A cybersecurity startup dangling thousands and thousands of {dollars} to amass zero-day safety vulnerabilities in well-liked software program is run by a pair of far-right conspiracy theorists and convicted felons whose most up-to-date ventures included pretend intelligence corporations and a now-defunct AI-based lobbying platform they operated beneath assumed names. The X\/Twitter account IRIS C2 (@C2IRIS) [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":16520,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[361,9690,9691,1864,262,2017,211,490],"class_list":["post-16518","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-felons","tag-flog","tag-fraudsters","tag-krebs","tag-offensive","tag-security","tag-startup"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/16518","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16518"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/16518\/revisions"}],"predecessor-version":[{"id":16519,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/16518\/revisions\/16519"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/16520"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16518"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16518"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16518"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}<!-- This website is optimized by Airlift. Learn more: https://airlift.net. Template:. Learn more: https://airlift.net. Template: 69d9690a190636c2e0989534. Config Timestamp: 2026-04-10 21:18:02 UTC, Cached Timestamp: 2026-07-08 23:23:43 UTC -->