- SesameOp malware uses OpenAI’s Assistants API as a covert command-and-control channel
- It enables persistent access, runs commands, and exfiltrates data via encrypted API traffic
- Microsoft urges firewall audits, tamper protection, and endpoint detection to mitigate threats
To be able to operate properly, malware needs a way to communicate with its “headquarters” – the command & control (C2) server – which is one of the usual ways cybersecurity researchers identify malware – by looking at suspicious communications – which is why crooks go to lengths to try and hide these “conversations” in plain sight.
Recently, security researchers from Microsoft discovered a new piece of malware that uses a creative way of hiding this dialogue, abusing OpenAI’s Assistants API, a programming interface that lets developers integrate OpenAI’s AI “assistant” capabilities into their own applications, products, or services.
“Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way to stealthily communicate and orchestrate malicious activities within the compromised environment,” the Microsoft Incident Response team said in the report. “To do this, a component of the backdoor uses the OpenAI Assistants API as a storage or relay mechanism to fetch commands, which the malware then runs.”
You may like
Used for espionage
The malware is named SesameOp, and was discovered in July 2025. It grants its attackers persistent access to the compromised environment, as well as usual backdoor capabilities. All of the information grabbed in the attacks is then encrypted and shipped back through the same API channel.
It is also worth emphasizing this is not a vulnerability in OpenAI’s platform, but rather a built-in capability of the Assistants API which is being abused. According to BleepingComputer, the API itself is scheduled for deprecation in August 2026 anyway.
“The stealthy nature of SesameOp is consistent with the objective of the attack, which was determined to be long term-persistence for espionage-type purposes,” Microsoft added.
Those worried about potential SesameOp malware attacks should audit their firewall logs, enable tamper protection, and configure endpoint detection in block mode. Furthermore, they should also monitor for unauthorized connections to external services.
Via BleepingComputer
The best antivirus for all budgets
Our top picks, based on real-world testing and comparisons
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
