Microsoft researchers discovered a new backdoor named SesameOp that uniquely uses the OpenAI Assistants API for its command-and-control (C2) communications. Instead of traditional C2 methods, the malware stealthily fetches commands and exfiltrates data by abusing the API as a storage and relay mechanism. This tactic was used for long-term espionage. This was a misuse of the API, not a vulnerability, and Microsoft and OpenAI have since disabled the account and API key used by the threat actor.
