Sign in / up

back to article OpenAI API moonlights as malware HQ in Microsoft’s latest discovery

Hackers have found a new use for OpenAI's Assistants API – not to write poems or code, but to secretly control malware. Microsoft this week detailed a previously unseen backdoor dubbed "SesameOp," which abuses OpenAI's Assistants API as a command-and-control channel to relay instructions between infected systems and the …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Pen-y-gors

    Oh yeah?

    Seeing a connection to OpenAI's API on your network doesn't exactly scream "compromise."

    It would on my network!

    8 0 Reply
    1. Irongut Silver badge
      Reply Icon

      Re: Oh yeah?

      Given OpenAI's myriad of security failings I agree.

      It's like their software engineers are fresh out of college with no experience writing software that is connected to the Internet and no security knowledge.

      6 0 Reply
      1. David 132 Silver badge
        Reply Icon

        Re: Oh yeah?

        The standard approach to writing software seems to be:

        1) make it work

        2) make it stable

        3) (optional) make it secure

        Problem is that when the money starts flooding in somewhere after step (1), steps 2 and certainly 3 are often put on the "why bother?" pile.

        0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon