SesameOp Leveraging OpenAI Assistants API for Stealthy...
A sophisticated new backdoor named SesameOp has emerged with a novel approach to command-and-control (C2) communications, one that undermines the common assumption that traffic to a trusted cloud service is benign.
Discovered in July 2025 by Microsoft’s Incident Response and Detection and Response Team, this malware represents a significant shift in how threat actors exploit legitimate cloud services for covert operations.
Rather than relying on dedicated infrastructure or suspicious network connections, SesameOp abuses the OpenAI Assistants API as a disguised command relay, letting attackers issue instructions and receive results through what appears to be legitimate traffic to a trusted service.
The malware’s discovery emerged during a complex incident investigation where attackers had maintained operational presence within a compromised environment for months.
The investigation revealed an intricate architecture comprising internal web shells strategically positioned throughout the network.
These shells operated under the control of persistent malicious processes that leveraged compromised Microsoft Visual Studio utilities through .NET AppDomainManager injection—a technique that circumvents traditional detection mechanisms by hiding malicious code within legitimate system processes.
Microsoft analysts identified the infection chain as a two-component system. The first component consists of Netapi64.dll, a heavily obfuscated loader designed to identify and execute the primary backdoor.
The second component, OpenAIAgent.Netapi64, contains the core functionality that orchestrates C2 communications through the OpenAI platform.
Rather than utilizing OpenAI’s agent software development kits or model execution features, the backdoor weaponizes the Assistants API purely as a message storage mechanism.
Commands arrive compressed and encrypted; the malware decompresses and decrypts them, executes them locally, and returns the results through the same OpenAI infrastructure.
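Because the C2 channel described above rides on ordinary HTTPS to a trusted provider, the practical detection angle is inventory: which hosts and processes talk to the Assistants API at all, and whether each has an approved reason to. The following is an added example, not code from the article or from Microsoft; it assumes a simple proxy-log line format, the OpenAI API host api.openai.com with Assistants API paths under /v1/assistants and /v1/threads, and a constructed allowlist of approved (host, process) pairs.

```python
import re
from collections import defaultdict

# Constructed sample proxy log lines (not from the incident): timestamp, host, process, method, URL.
SAMPLE_LOG = """\
2025-07-14T09:00:01Z ws-041 devenv.exe GET https://api.openai.com/v1/threads/thr_x/messages
2025-07-14T09:00:31Z ws-041 devenv.exe GET https://api.openai.com/v1/threads/thr_x/messages
2025-07-14T09:01:01Z ws-041 devenv.exe POST https://api.openai.com/v1/threads/thr_x/messages
2025-07-14T09:02:00Z build-07 python.exe POST https://api.openai.com/v1/chat/completions
2025-07-14T09:03:00Z srv-web-02 w3wp.exe GET https://api.openai.com/v1/assistants/asst_y
2025-07-14T09:04:00Z ws-041 chrome.exe GET https://learn.microsoft.com/
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) https?://([^/]+)(/\S*)")
OPENAI_HOST = "api.openai.com"
# Assistants API surface used as the message store: assistants and threads (incl. thread messages).
ASSISTANTS_PATHS = ("/v1/assistants", "/v1/threads")
# Assumed policy: (host, process) pairs with a known business use of the OpenAI API.
APPROVED = {("build-07", "python.exe")}


def find_assistants_api_traffic(log_text, approved=APPROVED):
    """Return (host, process, path) for Assistants API requests from unapproved sources."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        _ts, host, proc, _method, dest, path = m.groups()
        if dest != OPENAI_HOST or not path.startswith(ASSISTANTS_PATHS):
            continue  # other destinations, or non-Assistants endpoints such as chat/completions
        if (host, proc) in approved:
            continue
        hits.append((host, proc, path))
    return hits


def summarize(hits):
    """Count flagged requests per (host, process); repeated polling stands out here."""
    counts = defaultdict(int)
    for host, proc, _path in hits:
        counts[(host, proc)] += 1
    return dict(counts)


if __name__ == "__main__":
    for pair, n in summarize(find_assistants_api_traffic(SAMPLE_LOG)).items():
        print(f"{pair[0]} / {pair[1]}: {n} Assistants API request(s)")
```

In the sample, a developer tool on a workstation polling thread messages and an IIS worker process reading an assistant object are flagged, while the approved build host's chat/completions call is not.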
Source: Cybersecurity News