logo80lv
Articlesclick_arrow
Research
Talentsclick_arrow
Events
Workshops
Aboutclick_arrow
profile_loginLogIn

Warning: Malware Discovered In Blender File Circulating Online

Disguised as a free chair model, it's distributed via Discord, Gmail, and Fiverr.

LordCinn

A case of disguised malware embedded in a .blend file has been reported on Reddit by 3D Artist Haikal Shakyl, also known as LordCinn, and confirmed by several other artists in the thread. The file is being shared across platforms such as Discord, Gmail, and Fiverr, though it's likely not limited to these, scam messages are also commonly reported on ArtStation.

The malware is hidden in a .blend file named with random letters and often poses as a request for services. If Auto Run Python Scripts is enabled in your Blender's User Preferences, opening the file will immediately execute a malicious script. If auto-run is disabled, Blender will prompt you before executing any embedded scripts.

"The file isn't totally blank, I opened it in a VM and saw that it had a free chair model. Soon after that, my VM started to auto shut down and open "bad things" through my browser. The script seems to be hidden inside what seems to be a version of the Rigify add-on", shared Haikal.

LordCinn

Ultimately, it doesn't matter that it was a chair model, the malware could exist in any Blender file. The simplest way to protect yourself, of course, would be to completely disable Auto Run Python Scripts in Blender's preferences. This malware is likely an information stealer, so if you've opened the infected file, it's strongly recommended that you change all your passwords immediately and perform a full factory reset of your system.

Stay alert, learn more here, and join our 80 Level Talent platform and our new Discord server, follow us on InstagramTwitterLinkedInTelegramTikTok, and Threads, where we share breakdowns, the latest news, awesome artworks, and more.

Join discussion

Comments 0

    You might also like

    We need your consent

    We use cookies on this website to make your browsing experience better. By using the site you agree to our use of cookies.Learn more