Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Microsoft: OpenAI API Moonlights as Malware HQ

SesameOp malware covertly manages infected devices using OpenAI Assistants API, enabling months-long espionage by blending commands with legitimate AI traffic, Microsoft researchers said.

  • On Monday, Microsoft's Detection and Response Team revealed that SesameOp backdoor exploits the OpenAI Assistants API, and Microsoft and OpenAI disabled the associated account and API key.
  • Threat actors abused the OpenAI Assistants API by blending network chatter with legitimate AI traffic to api.openai.com, hiding commands and results within normal calls.
  • Using a heavily obfuscated loader, researchers found the attack chain deployed a.NET backdoor via.NET AppDomainManager injection into Microsoft Visual Studio utilities, using payload compression and Eazfuscator.NET-obfuscated DLL payloads.
  • To limit impact, defenders should audit firewall logs and monitor external connections, as Microsoft said `The stealthy nature of SesameOp is consistent with the objective of the attack, which was determined to be long term-persistence for espionage-type purposes`.
  • With cloud-hosted tools in wide use, Microsoft notes the Assistants API is scheduled for deprecation, which may close this loophole while security teams secure cloud-hosted trusted services as MCP becomes standard.
Insights by Ground AI

11 Articles

Tech RadarTech Radar
Center

Microsoft warns a key OpenAI API is being exploited to launch cyberattacks

OpenAI’s Assistants API serves as a C2 server, hiding malicious communication in plain sight.

·United Kingdom
Read Full Article
The RegisterThe Register
Center

Microsoft: OpenAI API moonlights as malware HQ

: Redmond uncovers SesameOp, a backdoor hiding its tracks by using OpenAI’s Assistants API as a command channel

Read Full Article
BleepingComputerBleepingComputer
Center

Microsoft: SesameOp malware abuses OpenAI Assistants API in attacks

Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel.

Read Full Article
eSecurityPlaneteSecurityPlanet

Hackers Hijack OpenAI API in Stealthy New Backdoor Attack

Microsoft researchers have uncovered a sophisticated backdoor named SesameOp, which uses the OpenAI Assistants API as a command-and-control (C2) channel.  This discovery marks one of the first known cases of a malware family exploiting a legitimate AI service for stealthy communications, underscoring how artificial intelligence tools can be misused in cyber espionage. A New Kind of Backdoor The SesameOp backdoor was discovered in July 2025 durin…

Read Full Article
Techzine EuropeTechzine Europe

Microsoft discovers backdoor that exploits OpenAI API

Microsoft discovers SesameOp backdoor that abuses OpenAI API for C2 communication. Attackers remained undetected for months.

Read Full Article
IT Security News - cybersecurity, infosecurity newsIT Security News - cybersecurity, infosecurity news

OpenAI API moonlights as malware HQ in Microsoft’s latest discovery

Redmond uncovers SesameOp, a backdoor hiding its tracks by using OpenAI’s Assistants API as a command channel Hackers have found a new use for OpenAI’s Assistants API – not to write poems or code, but to secretly control malware.… This article has been indexed from The Register – Security Read the original article: OpenAI API moonlights as malware HQ in Microsoft’s latest discovery The post OpenAI API moonlights as malware HQ in Microsoft’s la…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

BleepingComputer broke the news in on Monday, November 3, 2025.
Sources are mostly out of (0)

Similar News Topics

Microsoft icon

Microsoft

Security icon

Security

OpenAI icon

OpenAI

Artificial Intelligence icon

Artificial Intelligence

News
For You
SearchBlindspotLocal