Blend files can execute malware

In case anyone needs another reminder not to click untrusted links on the internet: This week Superhive (formerly Blender Market) vendors were the target of some malicious attacks. Many (myself included) received a legitimate-sounding support ticket asking for help with their product, probably AI-generated to target them specifically. Attached to the ticket was a seemingly innocent blend file. A chair model. When opening the file, Blender asks if you want to execute “rig_ui.py”. Sure, w...

Blender Artists Community
@metin practical question: I got the same file and opened it. Is there something I have to do now? Or is the script executed only if the blend file is open?
@CWernerArt Good question. I wouldn’t know, sorry. I think it’s best if you ask this in the thread over at Blender Artists. Good luck!
@metin I've found all related files for this issue. There were several places they were placed. One is the Windows autostart folder. There is a link that starts an exe file that was downloaded. It will be executed at every system restart. After deleting all files and restarting the system, everything seems to be OK. I hope the tool did not download other software that I haven't noticed.

@CWernerArt 👍 Yes, let's hope your system is clean now. I saw your message over at the Blender Artists thread. 👍 If anyone has something to add, you'll probably read it there.

Have a nice rest of the weekend!

@metin Unfortunately, I had no time to investigate the folder with the exe file today before deleting it. Actually, I would like to know what the files do. But on the other hand, I don't want to execute the phishing script anew just to see what it does... 😵‍💫
@CWernerArt 🫤 I understand your considerations. Maybe a thorough system-wide malware check might ease your concerns? If you regularly update Windows Defender, that's quite competent.
@metin I'll definitely do it. 👍
@metin After Windows Defender deep scanned my drives the whole night, the result was positive. No ransomware, nor viruses or trojans... Hope this was it now.