Microsoft has announced that it identified a sophisticated backdoor known as SesameOp, which uniquely uses the OpenAI Assistants Application Programming Interface (API) for its command-and-control (C2) operations. Rather than relying on traditional methods of conducting cyber attacks, the backdoor lets threat actors use OpenAI as a covert channel for orchestrating malicious activities. This use of AI highlights the emerging tactics employed by cybercriminals and raises concerns about the security vulnerabilities associated with AI tools.
Using OpenAI's API as a C2 channel means that communications can be more discreet and harder to detect than the standard protocols used in cyber attacks. As this instance illustrates, attackers are increasingly adapting advanced technologies to their needs, which poses significant challenges for cybersecurity defenses. Organizations must remain vigilant and enhance their security measures to prevent similar threats in the future, as the integration of AI into cyber attacks may signal a dangerous trend.
👉 Read the original: The Hacker News