Microsoft revealed a new backdoor named SesameOp that abuses the OpenAI Assistants API for stealthy command-and-control communications. The malware gives its operators persistent, long-term access for espionage, combining an AI API used as a covert channel with internal web shells.
Key points
- SesameOp uses OpenAI Assistants API as a covert communication channel for command-and-control activities.
- The backdoor was discovered by Microsoft in July 2025 during a targeted security incident.
- It employs obfuscated DLLs and internal web shells to maintain persistence and execute commands stealthily.
- The malware loads malicious libraries into compromised Microsoft Visual Studio utilities through AppDomainManager injection.
- OpenAI took measures to disable the API key used by the threat actor after the malware was identified.
Read More: https://thehackernews.com/2025/11/microsoft-detects-sesameop-backdoor.html