{"id":54948,"date":"2025-12-10T12:58:20","date_gmt":"2025-12-10T17:58:20","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=54948"},"modified":"2025-12-10T12:58:20","modified_gmt":"2025-12-10T17:58:20","slug":"malicious-blender-model-files","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/malicious-blender-model-files\/54948\/","title":{"rendered":"Malware hiding in a 3D model"},"content":{"rendered":"<p>News outlets recently reported that a threat actor was spreading an infostealer through free <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/malicious-blender-model-files-deliver-stealc-infostealing-malware\/\" target=\"_blank\" rel=\"noopener nofollow\">3D model files for the Blender software<\/a>. This is troubling enough on its own, but it highlights an even more serious problem: the business threat posed by free open source programs, uncontrolled by corporate infosec teams. And the danger comes not from vulnerabilities in the software, but from its very own standard features.<\/p>\n<h2>Why Blender and 3D model marketplaces pose a risk<\/h2>\n<p>Blender is a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Blender_(software)\" target=\"_blank\" rel=\"noopener nofollow\">3D graphics and animation suite<\/a> used by visualization professionals across various industries. The software is free and open-source, and offers extensive functionality. Among Blender\u2019s capabilities is support for executing Python scripts, which are used to automate tasks and add new features.<\/p>\n<p>The package allows users to import external files from specialized marketplaces like <a href=\"https:\/\/en.wikipedia.org\/wiki\/CGTrader\" target=\"_blank\" rel=\"noopener nofollow\">CGTrader<\/a> or <a href=\"https:\/\/en.wikipedia.org\/wiki\/Sketchfab\" target=\"_blank\" rel=\"noopener nofollow\">Sketchfab<\/a>. These platforms host both paid and free 3D models by artists and studios. 
Any of these model files may contain Python scripts.<\/p>\n<p>This creates a concerning scenario: marketplaces where files can be uploaded by any user and may not be scanned for malicious content, combined with software that has an Auto Run Python Scripts feature. It allows files to automatically execute embedded Python scripts immediately upon opening \u2014 essentially running arbitrary code on the user\u2019s computer in unattended mode.<\/p>\n<h2>How the StealC\u00a0V2 infostealer spread via Blender files<\/h2>\n<p>The attackers posted free 3D models with the <em>.blend<\/em> file name extension on the popular CGTrader platform. These files contained a malicious Python script. If the user had the Auto Run Python Scripts feature enabled, downloading and opening the file in Blender triggered the script. It then established a connection to a remote server and downloaded a malware loader from the Cloudflare Workers domain.<\/p>\n<p>The loader executed a PowerShell script, which in turn downloaded additional malicious payloads from the attackers\u2019 servers. Ultimately, the victim\u2019s computer was infected with the StealC infostealer, enabling the attackers to:<\/p>\n<ul>\n<li>Extract data from over 23 browsers.<\/li>\n<li>Harvest information from more than 100 browser extensions and 15 crypto wallet applications.<\/li>\n<li>Steal data from Telegram, Discord, Tox, Pidgin, ProtonVPN, OpenVPN, and email clients like Thunderbird.<\/li>\n<li>Use a User Account Control (UAC) bypass.<\/li>\n<\/ul>\n<h2>The danger of unmonitored work tools<\/h2>\n<p>The problem isn\u2019t Blender itself \u2014 threat actors will inevitably try to exploit automation features in any popular software. 
Most end-users don\u2019t consider the risks of enabling common automation features, nor do they typically dive deep into how these features work or how they could be exploited.<\/p>\n<p>The core issue is that security teams aren\u2019t always familiar with the capabilities of specialized tools used by various departments. They simply don\u2019t account for this vector in their threat models.<\/p>\n<h2>How to avoid becoming a victim<\/h2>\n<p>If your company uses Blender, the first step is to disable the automatic execution of Python scripts (Auto Run Python Scripts feature). Here\u2019s how to do it according to official documentation.<\/p>\n<div id=\"attachment_54949\" style=\"width: 850px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2025\/12\/10125412\/malicious-blender-model-files-2.jpg\"><img decoding=\"async\" aria-describedby=\"caption-attachment-54949\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2025\/12\/10125412\/malicious-blender-model-files-2.jpg\" alt=\"How to disable Auto Run Python Scripts in Blender\" width=\"840\" height=\"520\" class=\"size-full wp-image-54949\"><\/a><p id=\"caption-attachment-54949\" class=\"wp-caption-text\">How to disable the automatic execution of Python scripts in Blender. <a href=\"https:\/\/docs.blender.org\/manual\/en\/latest\/editors\/preferences\/save_load.html\" target=\"_blank\" rel=\"noopener nofollow\"> Source <\/a><\/p><\/div>\n<p>Furthermore, to prevent the sudden spread of threats via work tools, we recommend that corporate security teams:<\/p>\n<ul>\n<li>Prohibit the use of tools and extensions that haven\u2019t been approved by the security team.<\/li>\n<li>Thoroughly vet permitted software, and assess risks before implementing any new services or platforms.<\/li>\n<li>Regularly train employees to recognize the risks associated with installing unknown software and using dangerous features. 
You can automate security awareness training with the <a href=\"https:\/\/k-asap.com\/en\/?icid=gl_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder____kasap___\" target=\"_blank\" rel=\"noopener\">Kaspersky Automated Security Awareness Platform<\/a>.<\/li>\n<li>Enforce the use of secure configurations for all work tools.<\/li>\n<li>Protect all company-issued devices with <a href=\"https:\/\/www.kaspersky.com\/next?icid=gl_kdailyplacehold_acq_ona_smm__onl_b2b_kdaily_wpplaceholder_sm-team___knext____a8c0f733e524af27\" target=\"_blank\" rel=\"noopener nofollow\">modern security solutions<\/a>.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>How automation turns legitimate tools into a channel for malware delivery.<\/p>\n","protected":false},"author":2726,"featured_media":54950,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3051],"tags":[4657,36,4394,1146,422],"class_list":{"0":"post-54948","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"tag-infostealers","10":"tag-malware-2","11":"tag-python","12":"tag-risks","13":"tag-threats"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/malicious-blender-model-files\/54948\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/malicious-blender-model-files\/29942\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/malicious-blender-model-files\/25011\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/malicious-blender-model-files\/29817\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/malicious-blender-model-files\/41026\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/malicious-blender-model-files\/30021\/"},{"hreflan
g":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/malicious-blender-model-files\/35730\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/infostealers\/","name":"infostealers"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/54948","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2726"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=54948"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/54948\/revisions"}],"predecessor-version":[{"id":54951,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/54948\/revisions\/54951"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/54950"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=54948"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=54948"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=54948"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}