New SesameOp Backdoor Malware Uses OpenAI API for C2

Cyber Security News by CyberSum.net

Published on November 4, 2025 at 03:00 AM

2 sources

Microsoft security researchers have discovered a new backdoor malware named SesameOp that uses the OpenAI Assistants API for covert command-and-control (C2) communications. The malware, found during a July 2025 cyberattack investigation, allows attackers to gain persistent access and remotely manage compromised devices. SesameOp leverages legitimate cloud services to avoid detection, encrypts harvested information, and establishes persistence through internal web shells. Microsoft advises security teams to audit firewall logs, enable tamper protection, and monitor unauthorized connections to mitigate the impact.

Also Read

Cyber Espionage Campaign SkyCloak Targets Military Personnel

Researchers at SEQRITE Labs have uncovered a stealthy cyber espionage campaign dubbed 'Operation SkyCloak,' targeting military personnel from multiple countries. The campaign uses a multi-stage PowerShell-based intrusion chain for persistent, covert remote access within military and defense networks. SkyCloak's unusual cross-border focus suggests an escalation in intelligence warfare, with the infection chain beginning with phishing ZIP archives disguised as military documents. The malware employs advanced evasion techniques, including anti-sandbox checks and Tor-based communication channels, to maintain stealthy operations.

By Cyber Security News by CyberSum.netNovember 3, 2025 at 09:00 AM