Microsoft has revealed a sophisticated backdoor dubbed SesameOp, leveraging the OpenAI Assistants API for command-and-control (C2) communications. Uncovered in July 2025, this custom malware exploits the API to stealthily manage compromised environments, utilizing a loader component (“Netapi64.dll”) and a .NET-based backdoor (“OpenAIAgent.Netapi64”). These elements enable the malware to fetch encrypted commands, execute them, and relay the results back to OpenAI, all whilst maintaining persistence within systems for espionage purposes.
The malware implements advanced techniques such as AppDomainManager injection and extensive obfuscation to avoid detection, indicating a complex threat landscape. This incident highlights the growing trend of malware employing legitimate tools to obscure malicious activities within network traffic. Microsoft has communicated its findings to OpenAI, which acted swiftly to disable the implicated API key and account. The OpenAI Assistants API is set to be deprecated in August 2026, signaling significant changes in the AI security environment.
Source link
