Microsoft Finds Malware Using OpenAI for Attacks

Microsoft security researchers have identified a new malware strain, dubbed SesameOp, that leverages OpenAI’s Assistants API to establish a covert command-and-control channel. In this latest discovery, Microsoft finds malware using OpenAI to evade detection and maintain persistent access to compromised systems. The attackers exploit the legitimate AI platform to issue instructions and receive stolen data without triggering conventional security alerts.

According to Microsoft, SesameOp communicates with the Assistants API to mimic normal user traffic, thereby bypassing typical network monitoring tools. Microsoft finds malware using OpenAI in ways that highlight the growing trend of cybercriminals adopting mainstream technologies for malicious purposes. The use of a trusted API allows the malware to blend into regular traffic, complicating detection and mitigation efforts.

Security experts urge organizations to monitor API usage closely and review traffic for anomalies. For a deeper look into the SesameOp malware and Microsoft’s findings, read the full article at the link below.

https://www.bleepingcomputer.com/news/security/microsoft-sesameop-malware-abuses-openai-assistants-api-in-attacks/