
SesameOp Backdoor Abused OpenAI Assistants API for Remote Access


Microsoft researchers found the SesameOp backdoor using OpenAI’s Assistants API for remote access, data theft, and command communication.

Cybersecurity researchers have identified a new backdoor called SesameOp that uses the OpenAI Assistants API to exchange instructions and data, replacing the typical attacker-controlled servers with a legitimate cloud service.

According to Microsoft’s Detection and Response Team (DART), the findings show a growing trend where threat actors use trusted technologies to hide malicious traffic. SesameOp doesn’t exploit a vulnerability in OpenAI products; instead, it misuses an available feature to communicate once systems are compromised.

The investigation began after analysts examined modified Microsoft Visual Studio utilities that loaded unusual libraries. This led to the discovery of Netapi64.dll, an obfuscated loader that runs a hidden .NET-based component named OpenAIAgent.Netapi64.

The malware maintains persistence and allows remote operators to issue commands, gather results, and send them back through the OpenAI ...


Copyright of this story solely belongs to hackread.com.