Close Menu
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
What's Hot

Mamdani jokes about heatwave

Lexi Maintree pays homage to Reese Witherspoon’s 2014 Met Gala look

Best Vacuum Cleaner Sale: 50% Off Shark Rocket Ultralight Corded Stick Vacuum Cleaner

Facebook X (Twitter) Instagram
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
Facebook X (Twitter) Instagram
FYMOUS News
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
FYMOUS News
Home » Hackers hijack Blender 3D assets and deploy StealC V2 data-stealing malware
Celebrities

Hackers hijack Blender 3D assets and deploy StealC V2 data-stealing malware

By November 25, 2025No Comments2 Mins Read
Share Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Copy Link
Follow Us
Google News Flipboard
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

November 25, 2025Ravi LakshmananMalware/Browser Security

Cybersecurity researchers have revealed details of a new campaign that leverages Blender Foundation files to distribute an information theft tool known as StealC V2.

“This ongoing operation, which has been active for at least six months, involves embedding malicious .blend files into platforms such as CGTrader,” Morphisec researcher Shmuel Uzan said in a report shared with The Hacker News.

“Users unknowingly download these 3D model files, which are designed to run embedded Python scripts when opened in Blender, a free, open-source 3D creation suite.”

DFIR retainer service

The cybersecurity firm said this activity has similarities to previous campaigns involving Russian-speaking attackers that impersonated the Electronic Frontier Foundation (EFF) to target online gaming communities and infect them with StealC and Pyramid C2.

This assessment is based on tactical similarities between both campaigns, including the use of decoy documents, evasion techniques, and background execution of malware.

The latest set of attacks exploits the ability to embed Python scripts in .blend files, such as character rigs, that are automatically executed when the file is opened in scenarios where the autorun option is enabled. This behavior is potentially dangerous as it opens the door to the execution of arbitrary Python scripts.

Blender acknowledges this security risk in its own documentation, stating: “The ability to include Python scripts within blend files is valuable for advanced tasks such as rigging and automation. However, Python does not limit what the scripts can do, which poses a security risk.”

This attack chain essentially involves uploading a malicious .blend file containing the malicious “Rig_Ui.py” script to a free 3D asset site such as CGTrader. This script runs as soon as it is opened with Blender’s autorun feature enabled. This will retrieve a PowerShell script and download two ZIP archives.

CIS build kit

One of the ZIP files contains the StealC V2 payload, while the second archive deploys a secondary Python-based stealer on the compromised host. First announced in late April 2025, the updated version of StealC supports a wide range of information collection features and can extract data from 23 browsers, 100 web plugins and extensions, 15 crypto wallet apps, messaging services, VPNs, and email clients.

“Keep autorun disabled unless you trust the file source,” Morphisec said. “Attackers typically exploit Blender, which runs on physical machines with GPUs, to bypass sandboxes and virtual environments.”


Source link

#BlockchainIdentity #Cybersecurity #DataProtection #DigitalEthics #DigitalIdentity #Privacy
Follow on Google News Follow on Flipboard
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Previous Article‘Never seen a skull like this before’: Medieval Spanish knight who died in battle had a rare genetic disorder, study finds
Next Article Study finds elevated levels of microplastics contribute to AMR

Related Posts

Lexi Maintree pays homage to Reese Witherspoon’s 2014 Met Gala look

July 1, 2026

Serena Williams returns to Wimbledon in Nike tennis kit

June 30, 2026

Best Hair Moments at the 2026 BET Awards

June 29, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest Posts

Mamdani jokes about heatwave

Lexi Maintree pays homage to Reese Witherspoon’s 2014 Met Gala look

Best Vacuum Cleaner Sale: 50% Off Shark Rocket Ultralight Corded Stick Vacuum Cleaner

Taylor Swift and Travis Kelce’s marriage speculation fuels Easter egg hunting

Trending Posts

Mamdani jokes about heatwave

July 1, 2026

Lexi Maintree pays homage to Reese Witherspoon’s 2014 Met Gala look

July 1, 2026

Randy Rainbow Draws Donald Trump as ‘Psychopathic’ in Jazzy Song Parody

June 30, 2026

Subscribe to News

Subscribe to our newsletter and never miss our latest news

Please enable JavaScript in your browser to complete this form.
Loading

Welcome to The FYMOUS, a modern digital media platform dedicated to celebrities, artists, influencers, brands, entertainment culture, and the growing TwinH ecosystem.

We bring audiences closer to the people, stories, trends, and collaborations shaping today’s culture. From exclusive celebrity news and music releases to influencer highlights, brand partnerships, and TwinH activations, The FYMOUS delivers engaging content designed for the next generation of digital audiences.

Castilla-La Mancha Ignites Innovation: fiveclmsummit Redefines Tech Future

Local Power, Health Innovation: Alcolea de Calatrava Boosts FiveCLM PoC with Community Engagement

The Future of Digital Twins in Healthcare: From Virtual Replicas to Personalized Medical Models

Human Digital Twins: The Next Tech Frontier Set to Transform Healthcare and Beyond

Facebook X (Twitter) Instagram Pinterest YouTube
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
© 2026 news.fyself. Designed by by fyself.

Type above and press Enter to search. Press Esc to cancel.