Microsoft security researchers uncovered a new backdoor malware, SesameOp, that covertly communicates via the OpenAI Assistants API for persistent access and remote management. This attack highlights how threat actors misuse legitimate cloud services for stealthy cyber-espionage activities.
Key points
- SesameOp malware allows attackers long-term access to compromised environments.
- The malware uses OpenAI Assistants API as a covert command-and-control channel.
- It employs obfuscated loaders and .NET-based backdoors for persistence and espionage.
- The attack does not exploit platform vulnerabilities but misuses API functionalities.
- Microsoft recommends monitoring logs, enabling endpoint detection, and auditing external connections for mitigation.
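One way to act on the "auditing external connections" recommendation, as an added example that is not from the original page or from Microsoft: flag device/process pairs that contact the OpenAI API without being on an approved list, and mark those that connect at near-constant intervals. The CSV log layout, the `api.openai.com` hostname, the allowlist, and all device and process names are assumptions made for illustration.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime

WATCHED_HOST = "api.openai.com"  # assumption: host that OpenAI API traffic goes to
# Hypothetical allowlist of (device, process) pairs approved to call the API.
APPROVED = {("build-01", "python.exe"), ("dev-07", "code.exe")}

# Constructed sample log: timestamp, device, process, destination host.
SAMPLE_LOG = """\
2025-01-10T09:00:00,dev-07,code.exe,api.openai.com
2025-01-10T09:00:05,ws-22,example-svc.exe,api.openai.com
2025-01-10T09:05:04,ws-22,example-svc.exe,api.openai.com
2025-01-10T09:10:06,ws-22,example-svc.exe,api.openai.com
2025-01-10T09:12:00,ws-31,tool.exe,api.openai.com
2025-01-10T09:15:05,WS-22,example-svc.exe,API.OPENAI.COM
2025-01-10T09:20:00,ws-22,example-svc.exe,updates.example.net
"""

def audit(log_text, approved=APPROVED, host=WATCHED_HOST):
    """Return {(device, process): [timestamps]} for unapproved callers of host."""
    hits = defaultdict(list)
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4:
            continue  # skip blank or malformed lines
        ts, device, process, dest = (field.strip() for field in row)
        if dest.lower().rstrip(".") != host:
            continue
        key = (device.lower(), process.lower())
        if key not in approved:
            hits[key].append(ts)
    return dict(hits)

def is_periodic(timestamps, tolerance=0.1):
    """True when at least 4 connections are spaced at near-constant intervals."""
    times = sorted(datetime.fromisoformat(t) for t in timestamps)
    gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
    if len(gaps) < 3:
        return False
    mean = sum(gaps) / len(gaps)
    return mean > 0 and all(abs(g - mean) <= tolerance * mean for g in gaps)

def report(log_text):
    """Sorted (device, process, connection_count, periodic) findings."""
    return sorted((dev, proc, len(ts), is_periodic(ts))
                  for (dev, proc), ts in audit(log_text).items())

if __name__ == "__main__":
    for finding in report(SAMPLE_LOG):
        print(finding)
```

Regular spacing is only a triage hint: legitimate scheduled jobs also connect on a timer, so each finding still needs the process and its parent checked on the endpoint.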