Microsoft recently uncovered a sophisticated malware called SesameOp, which uses OpenAI’s Assistants API for covert command-and-control (C2) communication. The malware establishes persistent access to compromised systems, allowing attackers to execute commands and exfiltrate data via encrypted API traffic. Unlike traditional C2 methods, SesameOp abuses the Assistants API to hide its operations, which makes it harder to detect. This is not a flaw in OpenAI’s platform: the malware relies on the API working as intended. The malware's goals are espionage, and it is built to maintain long-term access to target environments. To safeguard against SesameOp, Microsoft recommends conducting firewall audits, enabling tamper protection, and configuring endpoint detection. Users should also monitor for unauthorized connections to external services. With the API set for deprecation in August 2026, businesses must take immediate action to bolster their cybersecurity measures.
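The advice to monitor for unauthorized connections to external services can be applied to proxy or firewall logs. The following is an added example, not code from Microsoft or the original article: it reports every host and process that contacts `api.openai.com` without being on an approved list. The log layout, host names, process names and the allowlist are assumptions constructed for illustration.

```python
import csv
import io

# Constructed sample proxy log: timestamp, host, process, destination, bytes_out.
# All host and process names here are made up for the example.
SAMPLE_LOG = """\
2025-11-03T09:00:12Z,dev-ws-01,python.exe,api.openai.com,2048
2025-11-03T09:01:40Z,srv-web-07,svc_helper.exe,api.openai.com,512
2025-11-03T09:06:41Z,srv-web-07,svc_helper.exe,api.openai.com,498
2025-11-03T09:11:39Z,srv-web-07,svc_helper.exe,api.openai.com,530
2025-11-03T09:12:02Z,hr-lt-22,chrome.exe,www.example.com,900
2025-11-03T09:16:40Z,srv-web-07,svc_helper.exe,api.openai.com,61440
"""

# Destinations worth watching, and the (host, process) pairs approved to use them.
WATCHED_DESTINATIONS = {"api.openai.com"}
APPROVED = {("dev-ws-01", "python.exe")}


def find_unapproved(log_text, watched=WATCHED_DESTINATIONS, approved=APPROVED):
    """Summarise connections to watched destinations from unapproved sources.

    Returns {(host, process): {"count", "bytes_out", "first", "last"}}.
    """
    findings = {}
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 5:
            continue  # skip malformed lines
        ts, host, process, dest, bytes_out = (field.strip() for field in row)
        if dest.lower() not in watched or not bytes_out.isdigit():
            continue
        key = (host.lower(), process.lower())
        if key in approved:
            continue
        entry = findings.setdefault(
            key, {"count": 0, "bytes_out": 0, "first": ts, "last": ts}
        )
        entry["count"] += 1
        entry["bytes_out"] += int(bytes_out)
        entry["last"] = ts  # log is assumed to be in time order
    return findings


if __name__ == "__main__":
    for (host, process), info in find_unapproved(SAMPLE_LOG).items():
        print(f"{host} {process}: {info['count']} connections, "
              f"{info['bytes_out']} bytes out, {info['first']} to {info['last']}")
```

Because the traffic is encrypted, a check like this sees only the destination and volume, so the allowlist of approved hosts and processes is what separates sanctioned API use from everything else.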