SesameOp
A new backdoor using OpenAI Assistants API for covert C2 operations.
-
Microsoft Discovers SesameOp: A New Backdoor Using OpenAI’s Assistants API for Covert C2
Microsoft discovered SesameOp, a new backdoor that uses OpenAI’s Assistants API for covert command and control (C2) operations. This technique allows attackers to fetch commands and exfiltrate data through a trusted cloud service, making detection harder. Discovered in July 2025, SesameOp aims for long-term persistence, often a hallmark of espionage campaigns.