SesameOp: Novel backdoor uses OpenAI Assistants API for command and control

www.microsoft.com

SesameOp: Novel backdoor uses OpenAI Assistants API for command and control

www.microsoft.com

digicatM to

blueteamsecEnglish · 2 months ago

SesameOp: Novel backdoor uses OpenAI Assistants API for command and control | Microsoft Security Blog

www.microsoft.com

Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) as a mechanism for command-and-control (C2) communications. Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way to stealthily communicate and orchestrate malicious activities within the compromised environment. To do this, a component of the backdoor uses the OpenAI Assistants API as a storage or relay mechanism to fetch commands and run tasks for the threat actor.

You must log in or # to comment.

Chat

blueteamsec

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

22 users / day
78 users / week
247 users / month
847 users / 6 months
217 local subscribers
576 subscribers
1.75K Posts
142 Comments
Modlog

mods:
digicat