- The SesameOp malware uses OpenAI’s Assistants API as a covert command-and-control channel
- It enables persistent access, runs commands and exfiltrates data via encrypted API traffic
- Microsoft encourages firewall audits, tamper protection, and endpoint detection to mitigate threats
In order to function properly, malware needs a way to communicate with its “headquarters”, the command and control (C2) server. Looking for that suspicious communication is one of the usual ways cybersecurity researchers identify malware, which is why bad guys go to great lengths to hide these “conversations” in plain sight.
Recently, security researchers from Microsoft discovered a new piece of malware that uses a creative way to hide this dialog, abusing OpenAI’s Assistants API, a programming interface that lets developers integrate OpenAI’s AI “assistant” features into their own applications, products or services.
“Instead of relying on more traditional methods, the threat actor behind this backdoor is abusing OpenAI as a C2 channel as a way to stealthily communicate and orchestrate malicious activities within the compromised environment,” the Microsoft Incident Response team said in the report. “To do this, a component of the backdoor uses the OpenAI Assistants API as a storage or relay mechanism to retrieve commands that the malware then executes.”
Used for espionage
The malware is called SesameOp and was discovered in July 2025. It gives its attackers persistent access to the compromised environment as well as the usual backdoor functions. All the information seized in the attacks is then encrypted and sent back through the same API channel.
It’s also worth emphasizing that this is not a vulnerability in OpenAI’s platform, but rather a built-in feature of the Assistants API that is being abused. According to Bleeping Computer, the API itself is scheduled for deprecation in August 2026 anyway.
“The stealth nature of SesameOp is consistent with the purpose of the attack, which was determined to be long-term persistence for espionage-like purposes,” Microsoft added.
Those concerned about potential SesameOp malware attacks should audit their firewall logs, enable tamper protection, and configure endpoint detection in block mode. They should also monitor for unauthorized connections to external services.
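The firewall-log audit and the "monitor for unauthorized connections to external services" advice above can be turned into a simple detection: flag any host that reaches a public AI API endpoint without being on the list of systems that legitimately use it. The following is an added example written for this page; it is not Microsoft's or OpenAI's code, and it assumes a constructed log format (timestamp, source host, destination domain, bytes out), constructed host names, a per-organisation allowlist, and api.openai.com as the watched destination.

```python
import re
from collections import defaultdict

# Constructed sample firewall/proxy log lines (not from the article). Assumed format:
# <timestamp> src=<host> dst=<domain> bytes_out=<n>
SAMPLE_LOG = """\
2025-07-14T09:01:12Z src=dev-ws-07 dst=api.openai.com bytes_out=1840
2025-07-14T09:02:45Z src=fileserver-01 dst=api.openai.com bytes_out=912
2025-07-14T09:03:10Z src=fileserver-01 dst=update.example-vendor.com bytes_out=301
2025-07-14T09:05:00Z src=dc-02 dst=api.openai.com bytes_out=2200
2025-07-14T09:06:30Z src=fileserver-01 dst=api.openai.com bytes_out=48210
"""

# Hosts with a business reason to call the OpenAI API (assumed, maintained per organisation).
EXPECTED_AI_CLIENTS = {"dev-ws-07"}

# Destinations to watch. A file server or domain controller talking to a public AI API is
# exactly the kind of unauthorized external connection the article recommends monitoring.
WATCHED_DESTINATIONS = {"api.openai.com"}  # assumed endpoint domain

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) bytes_out=(?P<bytes>\d+)$"
)


def parse_log(text):
    """Parse log lines in the assumed format; lines that do not match are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            records.append(
                {"ts": m["ts"], "src": m["src"], "dst": m["dst"], "bytes": int(m["bytes"])}
            )
    return records


def find_unauthorized_ai_egress(records, expected=EXPECTED_AI_CLIENTS, watched=WATCHED_DESTINATIONS):
    """Return {host: {"connections": n, "bytes_out": total}} for every host that reached a
    watched destination while not being on the allowlist. Byte totals are kept because a
    large outbound volume over such a channel is consistent with exfiltration."""
    findings = defaultdict(lambda: {"connections": 0, "bytes_out": 0})
    for r in records:
        if r["dst"] in watched and r["src"] not in expected:
            findings[r["src"]]["connections"] += 1
            findings[r["src"]]["bytes_out"] += r["bytes"]
    return dict(findings)


if __name__ == "__main__":
    for host, stats in find_unauthorized_ai_egress(parse_log(SAMPLE_LOG)).items():
        print(f"{host}: {stats['connections']} connection(s), {stats['bytes_out']} bytes out")
```

On the constructed sample the developer workstation is ignored, while the file server (two connections, over 49 KB out) and the domain controller are reported. In practice the allowlist and the watched-domain set are the parts that need tuning; the same logic works for any external relay service, not only the one named in this article.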
Via Bleeping Computer