SesameOp: Using the OpenAI Assistants API for Covert C2 Communication
gbhackers

Microsoft’s Detection and Response Team (DART) has exposed a sophisticated backdoor that abuses the OpenAI Assistants API as an unconventional command-and-control (C2) channel. No vulnerability in the API itself is involved: the attacker uses its ordinary, documented functionality as a message drop.
Named SesameOp, this threat demonstrates how adversaries are rapidly adapting to leverage legitimate cloud services for malicious purposes, making detection significantly more challenging for security teams.
The discovery highlights the evolving tactics of threat actors who seek to blend malicious traffic with legitimate API communications to evade traditional security controls.
The backdoor discovered by Microsoft’s DART researchers in July 2025 represents a significant departure from traditional malware communication methods.
Rather than establishing dedicated infrastructure for command-and-control operations, the threat actors behind SesameOp abuse the OpenAI Assistants API to store, relay, and retrieve malicious commands.
This approach lets the attacker hide C2 traffic inside TLS connections to a trusted, widely used API endpoint, so domain reputation, blocklists and other conventional network controls have little to act on. The practical question for defenders is therefore not whether traffic to the OpenAI API is present, but whether a given host or process has any sanctioned reason to generate it, and whether that traffic shows the regular polling pattern of a backdoor checking for tasking.
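The following is an added detection sketch, not code from the article or from Microsoft’s report, that turns the point above into a check a SOC could run over egress proxy logs: it flags OpenAI API traffic from sources that are not on an allowlist, distinguishes calls to the real Assistants API resource paths (`/v1/assistants`, `/v1/threads/...`) from other OpenAI API use, and looks for near-constant polling intervals typical of a backdoor checking for commands. The log format, the host and process names, the allowlist and the thread identifiers are all constructed assumptions.

```python
"""Detection sketch: flag unsanctioned and periodic use of the OpenAI Assistants API
in outbound proxy logs. Added example; the log format, host names, process names,
allowlist and identifiers below are constructed, not data from the article."""
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean

# Constructed proxy log lines. Assumed format:
#   <ISO-8601 timestamp> <source host> <process> <method> <dest host><path> <status>
SAMPLE_LOG = """\
2025-07-14T09:01:12Z ws-finance-03 chrome.exe POST api.openai.com/v1/chat/completions 200
2025-07-14T09:02:05Z srv-app-07 updater.exe GET api.openai.com/v1/assistants 200
2025-07-14T09:02:06Z srv-app-07 updater.exe GET api.openai.com/v1/threads/thread_x1/messages 200
2025-07-14T09:03:00Z ws-dev-11 python.exe POST api.openai.com/v1/threads 200
2025-07-14T09:07:06Z srv-app-07 updater.exe GET api.openai.com/v1/assistants 200
2025-07-14T09:07:07Z srv-app-07 updater.exe POST api.openai.com/v1/threads/thread_x1/messages 200
2025-07-14T09:12:06Z srv-app-07 updater.exe GET api.openai.com/v1/assistants 200
2025-07-14T09:20:00Z ws-dev-11 python.exe GET api.openai.com/v1/threads/thread_dev/messages 200
"""

# Hypothetical allowlist of (host, process) pairs sanctioned to use the OpenAI API.
SANCTIONED = {("ws-dev-11", "python.exe")}

OPENAI_HOST = "api.openai.com"
# Assistants API resource paths (assistants and threads); identifiers in the
# sample are placeholders.
ASSISTANTS_PATH = re.compile(r"^/v1/(assistants|threads)(/|$)")

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) (?P<proc>\S+) (?P<method>[A-Z]+) "
    r"(?P<dst>[^/\s]+)(?P<path>/\S*) (?P<status>\d{3})$"
)


def parse_line(line):
    """Parse one log line into a dict, or return None if it does not match the format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.fromisoformat(rec["ts"].replace("Z", "+00:00"))
    return rec


def is_periodic(times, min_events=3, jitter=0.2):
    """True if at least min_events timestamps are spaced at near-constant intervals
    (every gap within +/- jitter of the mean gap): a crude polling heuristic."""
    if len(times) < min_events:
        return False
    times = sorted(times)
    gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
    avg = mean(gaps)
    return avg > 0 and all(abs(g - avg) <= jitter * avg for g in gaps)


def find_suspicious(log_text, sanctioned=SANCTIONED):
    """Return findings for OpenAI API traffic from unsanctioned (host, process) pairs:
    one finding per request, plus one per periodically polled (method, path)."""
    findings = []
    polls = defaultdict(list)  # (host, proc, method, path) -> timestamps
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["dst"] != OPENAI_HOST:
            continue
        if (rec["host"], rec["proc"]) in sanctioned:
            continue
        rule = ("assistants_api_unsanctioned" if ASSISTANTS_PATH.match(rec["path"])
                else "openai_api_unsanctioned")
        findings.append({"rule": rule, "host": rec["host"],
                         "proc": rec["proc"], "path": rec["path"]})
        polls[(rec["host"], rec["proc"], rec["method"], rec["path"])].append(rec["ts"])
    for (host, proc, method, path), times in polls.items():
        if is_periodic(times):
            findings.append({"rule": "periodic_polling", "host": host,
                             "proc": proc, "path": f"{method} {path}"})
    return findings


def summarize(findings):
    """Count findings per (host, process, rule) for a quick triage view."""
    counts = defaultdict(int)
    for f in findings:
        counts[(f["host"], f["proc"], f["rule"])] += 1
    return dict(counts)


if __name__ == "__main__":
    for finding in find_suspicious(SAMPLE_LOG):
        print(finding)
```

On the constructed sample, the sanctioned developer workstation produces no findings, the browser on the finance workstation is reported once as unsanctioned OpenAI API use, and the server process that walks the assistants and threads endpoints is reported for every Assistants API request and once more for polling `/v1/assistants` at a near-constant five-minute interval. In a real environment the allowlist should come from asset inventory, and the jitter tolerance will need tuning, since a backdoor can randomise its sleep.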
The malware component ...
Copyright of this story solely belongs to gbhackers.

