StealC V2 Infostealer Spread via Blender Files on CGTrader

Based on the information provided, Morphisec researchers have discovered a malicious campaign distributing the StealC V2 infostealer through infected Blender files on platforms such as CGTrader. The campaign leverages the trust users place in third-party marketplaces to deliver malware disguised as legitimate Blender project files or add-ons. StealC V2 is an infostealer designed to exfiltrate sensitive data, including credentials and financial information. The use of Blender files as a delivery mechanism highlights the growing trend of attackers targeting niche software communities. Cybersecurity professionals should advise users to exercise caution when downloading files from third-party platforms, verify file authenticity, and employ advanced endpoint protection solutions. Organizations should enhance security measures on platforms hosting user-generated content to prevent similar attacks. This campaign underscores the importance of supply chain security and the need for vigilance across all software communities. Note: This analysis is based solely on the information provided in the message, as the original article could not be accessed for verification.