CHRYSENE is a threat actor attributed to IR, also known as OilRig, Greenbug, COBALT GYPSY. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does CHRYSENE exploit?

CHRYSENE is known to exploit 6 CVEs. View the full list on the Strobes VI threat actor profile page.

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001

CHRYSENE

Also known as: OilRig, Greenbug, COBALT GYPSY, IRN2, APT34, Helix Kitten, Evasive Serpens, Hazel Sandstorm, EUROPIUM, ITG13, Earth Simnavaz, Crambus, TA452, Cobalt Gypsy, Twisted Kitten, APT 34, ATK40, G0049, Siamesekitten, Lyceum, GreenBug

IRCyber Espionage

Exploited CVEs

Overview

Adversaries abusing ICS (based on Dragos Inc adversary list). This threat actor targets organizations involved in oil, gas, and electricity production, primarily in the Gulf region, for espionage purposes. According to one cybersecurity company, the threat actor “compromises a target machine and passes it off to another threat actor for further exploitation.”

Exploited Vulnerabilities

CVE ID	Action
CVE-2017-11882	View Details