Hackers use Blender 3D assets to spread StealC V2 malware, threatening creators and users

Cybersecurity analysts have uncovered a new threat campaign in which attackers are weaponizing Blender Foundation files to distribute an upgraded version of the StealC information stealer, known as StealC V2. The activity has been ongoing for at least six months, according to Morphisec researcher Shmuel Uzan, who reported that malicious .blend files were discovered on platforms such as CGTrader.

Users download these 3D model files believing they are harmless. However, once such a file is opened in Blender, it silently executes its embedded Python scripts if the Auto Run feature is enabled. Blender is a free and widely used 3D creation suite, and this behavior allows attackers to run code without any further user interaction.

Campaign Linked to Earlier Russian-Speaking Threat Actors

Morphisec said the operation resembles a previous campaign that targeted online gaming communities by impersonating the Electronic Frontier Foundation. That activity was previously linked to Russian-speaking threat actors and involved the deployment of StealC and Pyramid C2 malware.

Researchers noted the similarity in tactics. Both campaigns used decoy files, stealthy execution methods, and background deployment of malicious components.


Attack Technique: Malicious Python Scripts Inside .blend Files

The new attacks exploit Blender’s capability to embed Python scripts within .blend files such as rigged character models. When such a file is opened with Auto Run enabled, Blender automatically executes these scripts, allowing arbitrary code to run on the device.

Blender has acknowledged this security risk in its documentation, stating that embedded scripts are useful for automation and rigging but run without any security restrictions, since Blender's Python is not sandboxed.

In this campaign, attackers uploaded rigged 3D files containing a malicious script named Rig_Ui.py. When the file is opened, the script runs and retrieves a PowerShell command that downloads two ZIP archives. One archive contains StealC V2, while the other installs a second, Python-based information stealer.

StealC V2, first announced in late April 2025, comes with expanded data collection abilities. It can extract information from 23 web browsers, 100 browser plugins and extensions, 15 cryptocurrency wallets, messaging apps, VPN tools, and email clients.

Morphisec advised Blender users to keep Auto Run disabled unless the file comes from a trusted source. The company also noted that attackers favor Blender because it typically runs on physical workstations with GPUs rather than in virtual machines, which helps the malware evade VM and sandbox-based detection.
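Because the script (Rig_Ui.py in this campaign) lives in a Text datablock inside the .blend file, a defender can triage a downloaded model without opening it in Blender: walk the file-block table and count Text blocks, which are the only place an embedded script can hide. The following is an added example, not code from Morphisec or the Blender project; it assumes the classic 12-byte header layout, handles legacy gzip-compressed saves but not zstd-compressed ones, and builds its own constructed sample file so it runs offline.

```python
import gzip
import struct

def blend_code(*chars: str) -> int:
    """Blender's MAKE_ID: a block code is an int with the first char in the low byte."""
    return sum(ord(c) << (8 * i) for i, c in enumerate(chars))

ID_TXT = blend_code("T", "X")           # Text datablock, appears as "TX\0\0" in little-endian files
ENDB = blend_code("E", "N", "D", "B")   # terminator block
ZSTD_MAGIC = b"\x28\xb5\x2f\xfd"

def scan_blend(data: bytes) -> dict:
    """Return file version, total block count and number of Text (script) blocks.

    Assumed layout: 'BLENDER' + pointer size ('_' = 4, '-' = 8) + endianness
    ('v' little, 'V' big) + 3-digit version, then blocks laid out as
    code[4] size[4] old_address[ptr] sdna_index[4] count[4] data[size].
    """
    if data[:2] == b"\x1f\x8b":                 # legacy gzip-compressed save
        data = gzip.decompress(data)
    if data[:4] == ZSTD_MAGIC:                  # Blender 3.0+ compressed save
        raise ValueError("zstd-compressed .blend: decompress before scanning")
    if data[:7] != b"BLENDER":
        raise ValueError("not a .blend file")
    ptr = {b"_": 4, b"-": 8}[data[7:8]]
    endian = {b"v": "<", b"V": ">"}[data[8:9]]
    head = struct.Struct(f"{endian}II{ptr}xII")   # old-address pointer is skipped
    total = scripts = 0
    off = 12
    while off + head.size <= len(data):
        code, size, _sdna, _count = head.unpack_from(data, off)
        total += 1
        if code == ENDB:
            return {"version": data[9:12].decode(), "blocks": total, "text_blocks": scripts}
        if code == ID_TXT:
            scripts += 1
        off += head.size + size
    raise ValueError("truncated .blend: no ENDB block")

def make_block(code: int, payload: bytes, ptr: int = 8) -> bytes:
    """Build one little-endian file block (only used to construct the sample)."""
    return struct.pack(f"<II{ptr}xII", code, len(payload), 0, 1) + payload

def sample_blend(with_script: bool) -> bytes:
    """Constructed minimal 64-bit little-endian .blend image, not a real Blender save."""
    body = make_block(blend_code("G", "L", "O", "B"), b"\x00" * 16)
    if with_script:
        body += make_block(ID_TXT, b"\x00" * 32)                                  # a Text datablock
        body += make_block(blend_code("D", "A", "T", "A"), b"import os\n")         # its line data
    return b"BLENDER-v304" + body + make_block(ENDB, b"")

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else sample_blend(True)
    report = scan_blend(data)
    print(report, "<- contains scripts, review before enabling Auto Run" if report["text_blocks"] else "")
```

A non-zero text_blocks count is not proof of malice (rigs legitimately ship UI scripts), but it tells you which downloads deserve a manual read of the embedded text before Auto Run is ever enabled for them.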