A campaign linked to Russia utilizes malicious Blender files on 3D marketplaces to distribute the StealC V2 information stealer malware. Users are advised to disable Auto Run in Blender and trust only verified sources to prevent infection.
Key points
- Malicious Blender files contain embedded Python code that can execute malware loaders.
- The malware fetches payloads from attacker-controlled domains, infecting Windows systems.
- StealC malware now supports extensive data exfiltration, including browsers, wallets, and messaging apps.
- The latest StealC variant bypasses many antivirus detection tools and remains elusive to security engines.
- Users should disable Blender's Auto Run feature and only trust files from verified publishers.
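As a triage aid for the advice above, this added example (not code from the original report or from Blender) walks a `.blend` file's block list and counts embedded Text datablocks, which is where Python scripts stored in a file live, without opening the file in Blender. It assumes the legacy 12-byte header layout and reports anything else as unsupported; `scan_blend` and `make_sample` are hypothetical names, and the sample bytes are constructed. Legitimate assets such as rigs also carry Text blocks, so a non-zero count is a prompt to read the scripts before enabling Auto Run, not a verdict.

```python
import gzip
import struct

TEXT_CODE = b"TX\x00\x00"  # block code of a Text datablock (embedded scripts)

def scan_blend(data: bytes) -> dict:
    """Count Text datablocks in a legacy-layout .blend without opening it in Blender."""
    if data[:2] == b"\x1f\x8b":              # gzip-compressed .blend
        data = gzip.decompress(data)
    if data[:4] == b"\x28\xb5\x2f\xfd":      # zstd-compressed; not handled here
        return {"status": "zstd-compressed", "text_blocks": None}
    # Legacy header: "BLENDER", pointer size ('_'=4, '-'=8), endianness ('v'/'V'), version
    if (len(data) < 12 or data[:7] != b"BLENDER"
            or data[7:8] not in (b"_", b"-") or data[8:9] not in (b"v", b"V")):
        return {"status": "unsupported-header", "text_blocks": None}
    ptr = 4 if data[7:8] == b"_" else 8
    endian = "<" if data[8:9] == b"v" else ">"
    head = 4 + 4 + ptr + 4 + 4               # code, size, old address, SDNA index, count
    off, texts = 12, 0
    while off + head <= len(data):
        code = data[off:off + 4]
        (size,) = struct.unpack_from(endian + "i", data, off + 4)
        if code == b"ENDB":                  # end-of-file marker block
            return {"status": "ok", "text_blocks": texts}
        if size < 0:                         # corrupt length field, stop walking
            break
        if code == TEXT_CODE:
            texts += 1
        off += head + size
    return {"status": "truncated", "text_blocks": texts}

def make_sample(with_text: bool) -> bytes:
    """Constructed sample: minimal 64-bit little-endian block list, not a real asset."""
    def block(code: bytes, body: bytes) -> bytes:
        return code + struct.pack("<iQii", len(body), 0, 0, 1) + body
    out = b"BLENDER-v405" + block(b"OB\x00\x00", b"\x00" * 16)
    if with_text:
        out += block(TEXT_CODE, b"\x00" * 32)
    return out + block(b"ENDB", b"")

if __name__ == "__main__":
    for flag in (False, True):
        print(scan_blend(make_sample(flag)))
```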