Ethical Hacking News
Microsoft's latest discovery reveals how OpenAI's Assistants API was exploited by hackers to secretly control malware, highlighting the potential risks of leveraging legitimate cloud services for malicious purposes. Learn more about this shocking attack in our in-depth article.
The Microsoft Incident Response team has discovered a previously unknown backdoor called "SesameOp" that exploits OpenAI's Assistants API as a command-and-control channel. The SesameOp backdoor uses the ".NET AppDomainManager injection" technique to plant malware on compromised systems and leverages the Assistants API for communication with infected systems. The attack is notable for its use of payload compression, layered encryption, and obfuscation techniques, making it difficult to detect. The backdoor demonstrates how threat actors can misuse built-in cloud services capabilities to carry out malicious activities. The Assistants API is scheduled for deprecation in August 2026, but the pattern of using cloud-hosted services for malicious purposes is likely to persist.
In a shocking revelation, Microsoft's Incident Response team has uncovered a previously unknown backdoor dubbed "SesameOp," which exploits OpenAI's Assistants API as a command-and-control channel to relay instructions between infected systems and the attackers pulling the strings. This cunning attack highlights the potential risks of leveraging legitimate cloud services for malicious purposes.
The SesameOp backdoor, first spotted in July during a months-long intrusion, takes advantage of the ".NET AppDomainManager injection" technique to plant the malware on compromised systems. Once executed, the loader hijacks OpenAI's infrastructure as a data courier, using the Assistants API as a command channel for communicating with infected systems.
What makes this attack particularly noteworthy is that SesameOp uses payload compression and layered encryption to hide commands and exfiltrated results from defenders. The malware also employs sophisticated obfuscation techniques, including Eazfuscator.NET, to evade detection by security software. The backdoor fetches encrypted commands from the Assistants API, decrypts them locally, executes them, and then posts the results back – a technique described by Microsoft as "sophisticated and designed for stealth."
This attack demonstrates how threat actors can misuse built-in capabilities of cloud services to carry out malicious activities. By leveraging the trust associated with legitimate cloud services, attackers can evade traditional security measures and create complex command-and-control channels that are difficult to detect.
The Assistants API itself is scheduled for deprecation in August 2026, which may close this particular loophole. However, the pattern of using cloud-hosted services for malicious purposes is likely to persist, as evidenced by the recent instances of attacks on Azure, Amazon Web Services (AWS), and other cloud infrastructure providers.
Microsoft has shared its findings with OpenAI, which identified and disabled an API key and account believed to have been used by the attackers. However, it remains unclear who is behind the campaign at this time.
The revelation of SesameOp serves as a stark reminder of the ongoing cat-and-mouse game between security professionals and threat actors. As cloud services become increasingly pervasive in our digital lives, it is essential that we remain vigilant about potential vulnerabilities and take proactive measures to mitigate them.
In an age where everything from HR chatbots to help-desk scripts talks to an API, the risk of using legitimate cloud tools for malicious purposes will only continue to grow. It is crucial that developers, security professionals, and end-users alike stay informed about emerging threats and take steps to protect themselves against sophisticated attacks like SesameOp.
Related Information:
https://www.ethicalhackingnews.com/articles/OpenAI-API-Moonlighting-as-Malware-HQ-A-Tale-of-Stealthy-Attacks-and-Sophisticated-Exploitation-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/11/04/openai_api_moonlights_as_malware/
Published: Wed Nov 5 01:11:00 2025 by llama3.2 3B Q4_K_M
