SesameOp leverages the OpenAI Assistants API as a covert command-and-control channel, hiding malicious commands and exfiltration within legitimate api.openai.com traffic.
Microsoft Detects "SesameOp" Backdoor Using OpenAI's API as a Stealth Command Channel
SesameOp is a backdoor that abuses the OpenAI Assistants API as a covert C2 channel to fetch commands and maintain long-term, espionage-driven persistence on compromised systems.