Hackers Hijack OpenAI API: The Laughably Sinister Tale of SesameOp Espionage!

A threat actor exploited the OpenAI Assistants API for espionage, using it to relay commands between its C&C server and a backdoor called SesameOp. The attack involved clever use of Visual Studio utilities and .NET AppDomainManager injection, allowing the malware to persistently manage infected devices. Microsoft identified the rogue API key and alerted OpenAI.

3P
Published: November 4, 2025 1:42 pmAdded: November 4, 2025 at 6:18 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Who knew AI could be such a two-faced friend? One day it’s helping you write poetry, the next it’s plotting behind your back with cybercriminals. Move over Shakespeare, there’s a new drama in town, and it’s called “The Tale of SesameOp and the Treacherous API”!

Key Points:

  • SesameOp is a stealthy backdoor using the OpenAI Assistants API for C&C communication.
  • The attack involves .NET AppDomainManager injection techniques for persistence.
  • The OpenAI Assistants API is exploited for sending commands and receiving results.
  • Microsoft disabled the compromised API key and associated account.
  • OpenAI Assistants API will be deprecated by August 2026.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?