Sujith Quintelier

Backdoor - 1

2026 (2)

March (2)

security: Contagious Interview: Malware delivered through fake developer job interviews

Microsoft Security Blog

2026-03-11

Microsoft describes the Contagious Interview campaign, where attackers impersonate recruiters from crypto and AI firms to target developers with fake coding assessments. The delivered malware installs backdoors and steals API tokens, cloud credentials, crypto wallets, and source code.

security: Signed malware impersonating workplace apps deploys RMM backdoors

Microsoft Security Blog

2026-03-03

Signed malware using a stolen EV code-signing certificate impersonated workplace apps to install legitimate remote monitoring and management (RMM) tools for persistent enterprise access. The post advises tightening certificate controls and monitoring RMM tool usage to reduce risk.

2025 (1)

November (1)

security: SesameOp: Novel backdoor uses OpenAI Assistants API for command and control

Microsoft Security Blog

2025-11-03

Microsoft DART researchers identified a novel backdoor, dubbed SesameOp, that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. A component of the backdoor uses the Assistants API as a storage/relay to fetch commands and execute tasks inside compromised environments, avoiding traditional C2 methods.
