security: SesameOp: Novel backdoor uses OpenAI Assistants API for command and control
Microsoft Security Blog
2025-11-03
Microsoft DART researchers identified a novel backdoor, dubbed SesameOp, that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. A component of the backdoor uses the Assistants API as a storage/relay to fetch commands and execute tasks inside compromised environments, avoiding traditional C2 methods.