OpenAI API
Threat actors abusing OpenAI API for C2 communications
-
SesameOp Backdoor Leverages OpenAI API for Stealthy Command and Control
Microsoft has identified a novel backdoor, dubbed “SesameOp,” that utilizes OpenAI’s Assistants API as a command-and-control (C2) channel. This sophisticated technique allows threat actors to stealthily orchestrate malicious activities within compromised environments, potentially evading traditional security measures.
-
Microsoft Discloses “SesameOp” Backdoor Abusing OpenAI API for Stealthy Command and Control
Microsoft has identified a novel backdoor, designated “SesameOp,” that employs OpenAI’s Assistants API for its command-and-control (C2) infrastructure. This technique allows threat actors to stealthily manage compromised systems and orchestrate malicious activities by using the API as a communication relay.