A sophisticated new backdoor named SesameOp has emerged with a novel approach to command-and-control communications that fundamentally challenges traditional security assumptions.

Discovered in July 2025 by Microsoft’s Incident Response and Detection and Response Team, this malware represents a significant shift in how threat actors exploit legitimate cloud services for covert operations.

Rather than relying on dedicated infrastructure or suspicious network connections, SesameOp ingeniously abuses the OpenAI Assistants API as a disguised command relay, allowing attackers to issue instructions and receive results through what appears as legitimate traffic to a trusted service.

The malware’s discovery emerged during a complex incident investigation where attackers had maintained operational presence within a compromised environment for months.

The investigation revealed an intricate architecture comprising internal web shells strategically positioned throughout the network.

These shells operated under control of persistent malicious processes that leveraged compromised Microsoft Visual Studio utilities through .NET AppDomainManager injection—a technique that circumvents traditional detection mechanisms by hiding malicious code within legitimate system processes.

Microsoft analysts identified the infection chain as a two-component system. The first component consists of Netapi64.dll, a heavily obfuscated loader designed to identify and execute the primary backdoor.

The second component, OpenAIAgent.Netapi64, contains the core functionality that orchestrates C2 communications through the OpenAI platform.

Rather than utilizing OpenAI’s agent software development kits or model execution features, the backdoor weaponizes the Assistants API purely as a message storage mechanism.

Commands arrive compressed and encrypted, which the malware decrypts and executes locally before returning results back through the same OpenAI infrastructure.

Communication and Execution Mechanisms

The technical sophistication underlying SesameOp extends beyond simple API misuse. Upon execution, the backdoor initiates sophisticated command retrieval by first establishing contact with OpenAI’s vector store infrastructure.

The malware encodes the infected machine’s hostname in Base64 format and queries the Assistants API to identify corresponding vector stores and assistants previously created by the operator.

The configuration embedded within the backdoor contains a hardcoded OpenAI API key, a dictionary key selector, and optional proxy information.

Once communication establishes, the malware enters a polling loop where it periodically checks for new commands marked with either “SLEEP” or “Payload” designations within the assistant descriptions.

When a payload command appears, the backdoor retrieves encrypted content from OpenAI threads using thread IDs and message identifiers.

The payload undergoes multi-layered decryption: first, a 32-byte AES key is extracted and decrypted using an embedded RSA private key, then the command payload is decrypted with this AES key and decompressed using GZIP.

The decrypted message transforms into a dictionary structure that the backdoor passes to a dynamically loaded .NET module using the JScript evaluation engine.

This module executes the command and generates results that are compressed, encrypted with a randomly generated AES key, and posted back to OpenAI as a new message.

The backdoor then creates a new Assistant record with the execution results marked as “Result,” signaling the operator that tasks have completed.

This bidirectional communication channel remains virtually invisible to network monitoring tools since all traffic appears as routine connections to a legitimate, trusted service.

The OpenAI Assistants API has been deprecated by the platform and will be retired in August 2026.

Microsoft and OpenAI jointly investigated this threat, leading OpenAI to identify and disable the API key and associated account used by the threat actor.

However, this case underscores a critical vulnerability in how emerging technologies can be weaponized before security communities fully understand their implications.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post SesameOp Leveraging OpenAI Assistants API for Stealthy Communication with C2 Servers appeared first on Cyber Security News.

Cybercriminals have shifted their focus to a highly profitable target: the trucking and logistics industry.

Over the past several months, a coordinated threat cluster has been actively compromising freight companies through deliberate attack chains designed to facilitate multi-million-dollar cargo theft operations.

The emergence of this campaign represents a disturbing intersection of physical crime and digital exploitation, where cyber capabilities enable the theft of real goods ranging from electronics to energy beverages.

The targeting strategy employed by these threat actors demonstrates sophisticated understanding of supply chain operations.

Rather than attacking specific companies, the criminals operate opportunistically, intercepting communications and compromising accounts across the transportation sector.

Their primary objective involves gaining unauthorized access to carrier systems, which enables them to bid on legitimate shipments and orchestrate their interception and resale on underground markets or through international channels.

Proofpoint researchers identified this threat cluster after detecting a significant uptick in campaigns beginning as early as January 2025, with intensified activity accelerating through mid-2025.

The threat actors deploy multiple remote monitoring and management tools including ScreenConnect, SimpleHelp, PDQ Connect, and N-able, frequently using multiple RMM solutions in combination to establish persistent access and conduct thorough system reconnaissance.

Infection mechanism

The infection mechanism primarily relies on social engineering tactics that exploit the inherent trust and urgency present in freight industry communications.

Attackers compromise load board accounts—online marketplaces facilitating cargo shipment bookings—then post fraudulent listings and deploy malicious URLs when carriers express interest.

Upon execution, the embedded executables grant adversaries complete system control, allowing them to harvest credentials through tools like WebBrowserPassView and deepen their foothold within target networks.

What distinguishes this campaign is the seamless integration of legitimate RMM tools into criminal infrastructure.

Unlike traditional remote access trojans, these commonly used software packages often bypass security detection mechanisms due to signed installer packages and legitimate reputation.

Threat actors subsequently leverage compromised access to delete existing freight bookings, manipulate dispatcher notifications, and coordinate the theft directly using the victim’s own infrastructure.

According to the National Insurance Crime Bureau, cargo theft causes approximately $34 billion in annual losses, with projections indicating a 22 percent increase in 2025.

Proofpoint has documented nearly two dozen campaigns within just two months, suggesting this exploitation trend will continue accelerating as criminals recognize the effectiveness and profitability of cyber-enabled cargo theft operations.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post Threat Actors Leverage RMM Tools to Hack Trucking Companies and Steal Cargo Freight appeared first on Cyber Security News.