Blender’s Blend of Trouble: How Malicious 3D Files Are Stealing Your Data!
Cybersecurity researchers have uncovered a campaign using Blender Foundation files to deliver the StealC V2 information stealer. Malicious .blend files on platforms like CGTrader auto-execute Python scripts when opened. It’s like downloading a free 3D model and getting a surprise malware bonus. Remember, trust no .blend file unless you want a side of cyber chaos!

Hot Take:
Ah, the artful world of 3D modeling, where creativity meets… malware? Seems like some cyber baddies have decided that CGTrader is the new frontier for their digital mischief. Who knew Blender files could be such a spicy vehicle for cyber threats? From rigging animations to rigging your data – it’s a wild world out there!
Key Points:
- Blender Foundation files are being used to deliver the StealC V2 information stealer.
- The campaign involves planting malicious .blend files on platforms like CGTrader.
- These files execute harmful Python scripts when opened in Blender with Auto Run enabled.
- Attackers are using techniques similar to prior campaigns linked to Russian actors.
- StealC V2 can extract data from a wide variety of browsers, plugins, and applications.
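
A triage check for downloaded models, given as an added example (not code from the researchers or from Blender): it walks a .blend file's blocks and counts embedded Text datablocks, which is where scripts carried inside a file are stored. It assumes the legacy 12-byte `BLENDER` header and block layout, reports any other header as unrecognised, and the names `scan_blend` and `make_sample` are hypothetical.

```python
import gzip
import struct

TEXT_CODE = b"TX\x00\x00"  # block code Blender uses for a Text datablock
END_CODE = b"ENDB"         # marks the last file block


def scan_blend(data: bytes) -> dict:
    """Count Text datablocks in a legacy-layout .blend file image."""
    if data[:2] == b"\x1f\x8b":                 # gzip-compressed .blend
        data = gzip.decompress(data)
    if data[:4] == b"\x28\xb5\x2f\xfd":         # zstd-compressed: not unpacked here
        return {"status": "zstd-compressed", "text_blocks": None}
    if (len(data) < 12 or data[:7] != b"BLENDER"
            or data[7:8] not in (b"_", b"-") or data[8:9] not in (b"v", b"V")):
        return {"status": "unrecognised-header", "text_blocks": None}
    ptr = 4 if data[7:8] == b"_" else 8         # '_' = 32-bit pointers, '-' = 64-bit
    endian = "<" if data[8:9] == b"v" else ">"  # 'v' little-endian, 'V' big-endian
    head_len = 4 + 4 + ptr + 4 + 4              # code, size, old address, SDNA index, count
    pos, texts = 12, 0
    while pos + head_len <= len(data):
        code = data[pos:pos + 4]
        (size,) = struct.unpack_from(endian + "i", data, pos + 4)
        if code == END_CODE:
            return {"status": "ok", "text_blocks": texts}
        if size < 0:
            break                               # corrupt length: stop walking
        texts += code == TEXT_CODE
        pos += head_len + size
    return {"status": "truncated", "text_blocks": texts}


def make_sample(with_text: bool) -> bytes:
    """Build a tiny constructed file image (not a real model) for the demo."""
    def block(code: bytes, payload: bytes) -> bytes:
        return code + struct.pack("<iQii", len(payload), 0, 0, 1) + payload
    body = block(b"OB\x00\x00", b"\x00" * 16)
    if with_text:
        body += block(TEXT_CODE, b"\x00" * 32)
    return b"BLENDER-v293" + body + block(END_CODE, b"")


if __name__ == "__main__":
    for label, image in (("clean", make_sample(False)), ("scripted", make_sample(True))):
        print(label, scan_blend(image))
```

A non-zero count is a reason to open the file only with Auto Run disabled and read the embedded text first; it is a triage signal, not a verdict.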
