- SesameOp malware uses OpenAI’s Assistants API as a covert command and control channel.
- It allows persistent access, executes commands and extracts data through encrypted API traffic.
- Microsoft urges firewall audits, tamper protection and endpoint detection to mitigate threats.
In order to function properly, malware needs a way to communicate with its “headquarters,” the command and control (C2) server. Looking for this suspicious communication is one of the common ways cybersecurity researchers identify malware, which is why criminals go to great lengths to hide these “conversations” in plain sight.
Recently, security researchers at Microsoft discovered a new piece of malware that uses a creative way to hide this dialog, abusing the OpenAI Assistants API, a programming interface that allows developers to integrate the capabilities of OpenAI’s AI “assistant” into their own applications, products or services.
“Rather than relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way to stealthily communicate and orchestrate malicious activities within the compromised environment,” Microsoft’s incident response team said in the report. “To do this, a backdoor component uses the OpenAI Assistants API as a store-or-forward mechanism to retrieve commands, which the malware then executes.”
Used for espionage
The malware is called SesameOp and was discovered in July 2025. It grants its attackers persistent access to the compromised environment, as well as the usual backdoor capabilities. All information obtained in the attacks is then encrypted and sent back through the same API channel.
It’s also worth emphasizing that this is not a vulnerability in the OpenAI platform, but rather a built-in capability of the Assistants API that is being abused. According to BleepingComputer, the API itself is scheduled to be deprecated in August 2026 anyway.
“The stealthy nature of SesameOp is consistent with the goal of the attack, which was determined to be long-term persistence for espionage-type purposes,” Microsoft added.
Those concerned about potential SesameOp malware attacks should audit their firewall logs, enable tamper protection, and set endpoint detection to blocking mode. They should also control unauthorized connections to external services.
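As an added illustration of the firewall-log audit recommended above (example code, not from Microsoft’s report or from OpenAI), the Python script below parses constructed proxy-log lines in a made-up format, flags processes outside a hypothetical allowlist that call the Assistants API paths (/v1/assistants, /v1/threads) on api.openai.com, and totals bytes sent per host and process so the noisiest candidates can be reviewed first.

```python
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample proxy export: time host process dest_url bytes_out
SAMPLE_LOG = """\
2025-07-14T09:01:05Z ws-17 chrome.exe https://www.bing.com/search?q=x 512
2025-07-14T09:02:10Z ws-17 svchost.exe https://api.openai.com/v1/threads/thr_demo/messages 2048
2025-07-14T09:03:12Z ws-17 svchost.exe https://api.openai.com/v1/assistants 300
2025-07-14T09:04:40Z dev-03 python.exe https://api.openai.com/v1/chat/completions 900
2025-07-14T09:05:01Z ws-17 svchost.exe https://api.openai.com/v1/threads/thr_demo/messages 4096
malformed line
"""

# Assistants API resources the backdoor uses as its store-and-forward channel.
ASSISTANTS_PATHS = ("/v1/assistants", "/v1/threads")
# Hypothetical allowlist of processes permitted to reach the OpenAI API.
APPROVED_PROCESSES = {"python.exe", "chrome.exe"}


def parse_line(line):
    """Split one constructed log line into a dict; None if malformed."""
    parts = line.split()
    if len(parts) != 5 or not parts[4].isdigit():
        return None
    ts, host, proc, url, nbytes = parts
    u = urlsplit(url)
    return {"ts": ts, "host": host, "proc": proc,
            "dest": u.hostname or "", "path": u.path, "bytes": int(nbytes)}


def find_suspicious(log_text):
    """Assistants API calls from processes that are not on the allowlist."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["dest"] != "api.openai.com":
            continue
        if not rec["path"].startswith(ASSISTANTS_PATHS):
            continue  # other OpenAI endpoints, e.g. chat/completions
        if rec["proc"] in APPROVED_PROCESSES:
            continue
        findings.append(rec)
    return findings


def bytes_out_by_host(findings):
    """Total bytes sent per (host, process); large totals suggest exfiltration."""
    totals = Counter()
    for rec in findings:
        totals[(rec["host"], rec["proc"])] += rec["bytes"]
    return dict(totals)
```

Running `find_suspicious(SAMPLE_LOG)` on the constructed data flags the three svchost.exe calls from ws-17 and leaves the browser and the approved python.exe client alone.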
Via BleepingComputer