
StealC V2 Malware Spreads Through Weaponized Blender Files on 3D Model Marketplaces
StealC V2, an advanced infostealer, is being distributed through malicious Blender files on popular 3D model marketplaces such as CGTrader. According to a report by Morphisec, Russian threat actors are exploiting Blender's ability to execute hidden Python scripts, a feature intended for automation, to deliver the malware. The distribution method is particularly insidious because Blender is a trusted tool widely used in industries such as gaming, film, and design. Once executed, the malware steals sensitive information from the infected system.

The incident underscores the growing sophistication of malware distribution techniques and the importance of supply chain security. Cybersecurity professionals should be vigilant about the sources of downloaded files and implement robust security measures, including file validation, sandboxing, and advanced endpoint protection. Regular security training for users is also crucial to mitigating the risks associated with such attacks. The spread of StealC V2 through Blender files is a stark reminder that even seemingly harmless files can be weaponized to deliver malware, and that this calls for heightened awareness and proactive security measures.
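
As an added illustration of the file validation recommended above (not code from the Morphisec report or from Blender), the following Python triage check walks the block headers of a .blend file and reports any embedded Text datablocks, which is where Blender stores Python scripts saved inside a file. It assumes the classic 12-byte header and an uncompressed or gzip-compressed file; the function names and the sample bytes are constructed for this example.

```python
import gzip
import struct

TEXT_ID = b"TX\x00\x00"  # block code Blender gives embedded Text datablocks

def find_text_blocks(data: bytes) -> list[int]:
    """Return offsets of Text datablocks in a .blend image (classic header)."""
    if data[:2] == b"\x1f\x8b":  # older saves with "Compress" enabled use gzip
        data = gzip.decompress(data)
    if len(data) < 12 or data[:7] != b"BLENDER":
        raise ValueError("cannot inspect: not a classic-header .blend")
    ptr_size = {b"_": 4, b"-": 8}.get(data[7:8])
    endian = {b"v": "<", b"V": ">"}.get(data[8:9])
    if ptr_size is None or endian is None:
        raise ValueError("cannot inspect: unknown pointer/endian marker")
    head_len = 4 + 4 + ptr_size + 4 + 4  # code, length, old address, SDNA, count
    offsets, pos = [], 12
    while pos + head_len <= len(data):
        code = data[pos:pos + 4]
        if code == b"ENDB":
            break
        (length,) = struct.unpack_from(endian + "i", data, pos + 4)
        if length < 0:
            raise ValueError("cannot inspect: negative block length")
        if code == TEXT_ID:
            offsets.append(pos)
        pos += head_len + length
    return offsets

def make_block(code: bytes, payload: bytes) -> bytes:
    # Build one little-endian, 64-bit file block for the constructed sample.
    return struct.pack("<4siQii", code, len(payload), 0, 0, 1) + payload

# Constructed sample: header, one object block, one Text block, end marker.
CONSTRUCTED_SAMPLE = (
    b"BLENDER-v300"
    + make_block(b"OB\x00\x00", bytes(16))
    + make_block(TEXT_ID, bytes(8))
    + make_block(b"ENDB", b"")
)

if __name__ == "__main__":
    hits = find_text_blocks(CONSTRUCTED_SAMPLE)
    print("Text datablocks at offsets:", hits or "none")
```

A hit only shows that the file carries an embedded script, which legitimate models also do, so it is a cue to review the script or open the file with Blender's "Auto Run Python Scripts" preference disabled. A `ValueError` means the file could not be inspected (any other header layout or compression) and should go to a sandbox instead of being treated as clean.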