SesameOp backdoor analysis of OpenAI API C2 and AppDomainManager injection
Technical Analysis
Summary
Researchers disclosed SesameOp, a backdoor that uses the OpenAI Assistants API as a covert C2 channel, exposing a stealth path for remote command execution and long-term persistence. The malware chain centers on Netapi64.dll, OpenAIAgent.Netapi64, and AppDomainManager injection, with heavy Eazfuscator.NET obfuscation. The design matters because it hides malicious traffic inside legitimate API use and makes detection harder across compromised environments.
Related Happenings
SHub Reaper macOS infostealer variant
Malware Activity
First: 19.05.2026 00:42
Last: 19.05.2026 00:42
Sources 1
About this happening:
The **SHub Reaper** macOS infostealer now uses **AppleScript** and a fake **Apple security update** lure to infect Macs, raising the risk of credential theft and remote access. It...
Hugging Face shared-loader supply chain campaign
Campaign
First: 11.05.2026 10:05
Last: 11.05.2026 10:05
Sources 1
About this happening:
A **Hugging Face** repository cluster appears to be part of a **broader supply chain campaign** that used **shared loaders** to push a stealer through open-source model downloads....
A0Backdoor malware deployed through signed MSI sideloading and DNS MX C2
Malware Activity
First: 10.03.2026 00:50
Last: 10.03.2026 00:50
Sources 1
About this happening:
The **A0Backdoor** malware was deployed on **Windows endpoints** through **digitally signed MSI installers** and **DLL sideloading**, giving the operators a stealthier path to exe...
ShadyPanda browser extension spyware activity
Malware Activity
First: 01.12.2025 19:29
Last: 01.12.2025 19:29
Sources 1
About this happening:
**ShadyPanda** browser extensions now deliver **hourly remote code execution**, turning trusted add-ons into spyware across **Chrome** and **Edge** and putting **4.3 million insta...
GlassWorm malware returning via new VSCode extensions
Malware Activity
First: 08.11.2025 18:17
Last: 08.11.2025 18:17
Sources 1
About this happening:
The **GlassWorm** malware has returned through **three new VSCode extensions**, renewing risk to extension users and marketplace accounts. The new extensions have already been dow...
Timeline
- 04.11.2025 07:58 (2 articles)
Microsoft discloses SesameOp backdoor abusing OpenAI Assistants API for stealth C2
Initial Disclosure: Microsoft disclosed SesameOp, a novel backdoor that abuses the OpenAI Assistants API as a covert command-and-control channel in a compromised environment. Microsoft said it found the implant in July 2025 during a sophisticated security incident in which unknown threat actors maintained persistence for several months. The infection chain includes Netapi64.dll and OpenAIAgent.Netapi64, uses AppDomainManager injection to load a crafted DLL at runtime, and fetches encrypted commands for local execution before sending results back through OpenAI messages.
Sources:
- Microsoft Detects "SesameOp" Backdoor Using OpenAI's API as a Stealth Command Channel — thehackernews.com — 04.11.2025 07:58
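The disclosure above describes AppDomainManager injection as the loading technique: the .NET runtime will load an attacker-chosen assembly before the target application's own entry point runs if the application's `.exe.config` names an `appDomainManagerAssembly`/`appDomainManagerType`, or if the `APPDOMAIN_MANAGER_ASM`/`APPDOMAIN_MANAGER_TYPE` environment variables are set. The following is an added defender-side example (not code from Microsoft or from the article) that checks a config file and an environment map for those indicators. The sample config is constructed for illustration and reuses the Netapi64 / OpenAIAgent.Netapi64 names from the disclosure; the function names are this example's own.

```python
import os
import xml.etree.ElementTree as ET

# Config elements under <runtime> that make the CLR load a custom AppDomainManager
# assembly before the application's Main() executes.
_CONFIG_INDICATORS = {"appDomainManagerAssembly", "appDomainManagerType"}

# Environment variables that achieve the same effect without touching the config file.
_ENV_INDICATORS = ("APPDOMAIN_MANAGER_ASM", "APPDOMAIN_MANAGER_TYPE")

# Constructed sample: an .exe.config rewritten to load a managed assembly named
# Netapi64 and instantiate OpenAIAgent.Netapi64 as the AppDomainManager.
SUSPICIOUS_CONFIG = """<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <runtime>
    <appDomainManagerAssembly value="Netapi64, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
    <appDomainManagerType value="OpenAIAgent.Netapi64" />
  </runtime>
</configuration>
"""

# Constructed sample: an ordinary config that only pins the runtime version.
BENIGN_CONFIG = """<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <startup>
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8" />
  </startup>
</configuration>
"""


def find_appdomainmanager_indicators(config_xml: str) -> list[dict]:
    """Return one finding per AppDomainManager element found under <runtime>.

    Each finding records the element name and its 'value' attribute so an
    analyst can see which assembly and type the runtime would load.
    """
    root = ET.fromstring(config_xml)
    findings = []
    for runtime in root.iter("runtime"):
        for child in runtime:
            if child.tag in _CONFIG_INDICATORS:
                findings.append({"element": child.tag, "value": child.get("value", "")})
    return findings


def check_environment(env: dict) -> list[str]:
    """Return the AppDomainManager environment variables present in `env`."""
    return [name for name in _ENV_INDICATORS if name in env]


def scan_directory(path: str) -> list[tuple[str, list[dict]]]:
    """Walk `path` and return (file, findings) for every *.config with indicators."""
    hits = []
    for dirpath, _dirs, files in os.walk(path):
        for name in files:
            if not name.lower().endswith(".config"):
                continue
            full = os.path.join(dirpath, name)
            try:
                with open(full, encoding="utf-8", errors="replace") as fh:
                    findings = find_appdomainmanager_indicators(fh.read())
            except ET.ParseError:
                continue  # not well-formed XML; not a usable .NET config
            if findings:
                hits.append((full, findings))
    return hits


if __name__ == "__main__":
    for finding in find_appdomainmanager_indicators(SUSPICIOUS_CONFIG):
        print(f"config indicator: {finding['element']} = {finding['value']}")
    print("benign config findings:", find_appdomainmanager_indicators(BENIGN_CONFIG))
    print("env indicators on this host:", check_environment(dict(os.environ)))
```

A hit on either check is not proof of compromise on its own, since legitimate software occasionally ships a custom AppDomainManager, but a match in a directory owned by software that does not normally use one, or environment variables set for a process that should not need them, is worth correlating with outbound traffic to api.openai.com from that process.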