CHRYSENE is a threat actor, also known as G0049, Greenbug, GreenBug. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does CHRYSENE exploit?

CHRYSENE is known to exploit 6 CVEs. View the full list on the Strobes VI threat actor profile page.

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001

CHRYSENE

Also known as: G0049, Greenbug, GreenBug, Cobalt Gypsy, Lyceum, Helix Kitten, ATK 40, Storm-0861, Volatile Kitten, Twisted Kitten, ATK40, APT34, OilRig, Siamesekitten, Scarred Manticore, COBALT GYPSY, ITG13, Crambus, Chrysene, Yellow Maero, Hazel Sandstorm, UNC1860, IRN2, DEV-0861, APT 34, TA452, EUROPIUM, Earth Simnavaz, Evasive Serpens

Information theft and espionage

Exploited CVEs

Overview

Adversaries abusing ICS (based on Dragos Inc adversary list). This threat actor targets organizations involved in oil, gas, and electricity production, primarily in the Gulf region, for espionage purposes. According to one cybersecurity company, the threat actor “compromises a target machine and passes it off to another threat actor for further exploitation.”

Exploited Vulnerabilities

CVE ID	Action
CVE-2017-11882	View Details