SesameOp malware makes use of OpenAI’s Assistants API as a covert command-and-control channel
It provides persistent access, runs commands, and exfiltrates data over encrypted API traffic
Microsoft urges firewall audits, tamper protection, and endpoint detection to mitigate the threat
To function properly, malware needs a way to communicate with its "headquarters", the command and control (C2) server. Suspicious communications are one of the usual ways security researchers identify malware, which is why criminals go to great lengths to hide these "conversations" in plain sight.
Recently, security researchers from Microsoft discovered a new piece of malware that uses a creative way of hiding this dialogue: it abuses OpenAI's Assistants API, a programming interface that lets developers integrate OpenAI's AI "assistant" capabilities into their own applications, products, or services.
“Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way to stealthily communicate and orchestrate malicious activities within the compromised environment,” the Microsoft Incident Response group stated within the report. “To do this, a component of the backdoor uses the OpenAI Assistants API as a storage or relay mechanism to fetch commands, which the malware then runs.”
Used for espionage
The malware is called SesameOp, and it was discovered in July 2025. It grants its attackers persistent access to the compromised environment, along with the usual backdoor capabilities. All of the information collected in the attacks is then encrypted and sent back through the same API channel.
It is also worth emphasizing that this is not a vulnerability in OpenAI's platform, but rather a built-in capability of the Assistants API that is being abused. According to BleepingComputer, the API itself is scheduled for deprecation in August 2026 anyway.
“The stealthy nature of SesameOp is consistent with the objective of the attack, which was determined to be long term-persistence for espionage-type purposes,” Microsoft added.
Those worried about potential SesameOp attacks should audit their firewall logs, enable tamper protection, and configure endpoint detection in block mode. They should also monitor for unauthorized connections to external services.
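One way to act on that last recommendation, as an added example that is not from Microsoft's report or this article: a small Python pass over constructed firewall/proxy log lines that flags internal hosts reaching the OpenAI Assistants API endpoints without being on an approved list. The log format, the allowlist and the sample lines are assumptions; since the C2 traffic itself is encrypted HTTPS to a legitimate service, the usable signal is which hosts and processes talk to the API, not what they say.

```python
import re
from collections import defaultdict

# Real hostname and endpoint prefixes of OpenAI's Assistants API; the
# allowlist, log format and sample lines below are constructed assumptions.
OPENAI_API_HOST = "api.openai.com"
ASSISTANT_PATHS = ("/v1/assistants", "/v1/threads")
APPROVED_HOSTS = {"10.0.5.21"}  # e.g. the one internal service meant to call OpenAI

# Assumed log format: "<ts> src=<ip> proc=<name> dst=<host> uri=<path> bytes=<n>"
LOG_RE = re.compile(r"src=(\S+) proc=(\S+) dst=(\S+) uri=(\S+) bytes=(\d+)")

def parse_line(line):
    """Parse one log line into a dict, or return None if it does not match."""
    m = LOG_RE.search(line)
    if not m:
        return None
    src, proc, dst, uri, nbytes = m.groups()
    return {"src": src, "proc": proc, "dst": dst, "uri": uri, "bytes": int(nbytes)}

def find_unapproved_openai_callers(lines):
    """Return {src_ip: {"procs", "calls", "bytes"}} for hosts that reach the
    Assistants API endpoints while not being on the approved list."""
    hits = defaultdict(lambda: {"procs": set(), "calls": 0, "bytes": 0})
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["dst"] != OPENAI_API_HOST:
            continue
        if not rec["uri"].startswith(ASSISTANT_PATHS):
            continue  # other OpenAI endpoints are out of scope for this check
        if rec["src"] in APPROVED_HOSTS:
            continue
        h = hits[rec["src"]]
        h["procs"].add(rec["proc"])
        h["calls"] += 1
        h["bytes"] += rec["bytes"]
    return dict(hits)

# Constructed sample lines (not real telemetry).
SAMPLE_LOGS = [
    "2025-07-14T09:01:02Z src=10.0.5.21 proc=chatbot.py dst=api.openai.com uri=/v1/threads bytes=812",
    "2025-07-14T09:02:10Z src=10.0.7.44 proc=svc_helper.exe dst=api.openai.com uri=/v1/threads/thr_abc/messages bytes=2048",
    "2025-07-14T09:02:11Z src=10.0.7.44 proc=svc_helper.exe dst=api.openai.com uri=/v1/assistants bytes=640",
    "2025-07-14T09:03:00Z src=10.0.7.44 proc=browser.exe dst=www.example.org uri=/ bytes=120",
    "2025-07-14T09:04:30Z src=10.0.8.9 proc=updater.exe dst=api.openai.com uri=/v1/threads bytes=900",
    "malformed line with no fields",
]
```

Calling find_unapproved_openai_callers(SAMPLE_LOGS) reports the two non-approved hosts with the processes, call counts and byte totals behind their Assistants API traffic, which is the starting point for an endpoint investigation.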
Via BleepingComputer