TLDR;
This is a critical security alert for all Blender users. Be extremely cautious of unsolicited `.blend` files that ask you to "Allow Execution" of scripts. These can contain hidden malware designed to compromise your computer. Always click "Ignore" unless you absolutely trust the source.
- • A real-life example of a malware phishing attempt received through Blender Market.
- • Explains how malicious PowerShell code can be hidden inside a seemingly normal `.blend` file.
- • The number one rule: Never click "Allow Execution" on Python script prompts from untrusted files.
- • Warns against downloading pirated Blender add-ons, which are a common vector for malware.
- • The importance of downloading assets only from reputable sources to protect your PC and data.
A Growing Threat to the Blender Community
As Blender's popularity soars, its user base has become a prime target for hackers and scammers. This video serves as a crucial awareness message about a specific type of attack: malware delivered through `.blend` files. The creator shares a personal experience of receiving a suspicious message on Blender Market, a legitimate platform, which highlights that these attacks can appear anywhere.
The Anatomy of a Malicious .blend File
The video details how the scam works. A user receives a `.blend` file, often disguised as a collaboration offer or a sample project. Upon opening it in Blender, a security warning pops up, asking for permission to run an embedded Python script. While some legitimate add-ons use scripts for custom UIs, scammers exploit this feature. In this case, the creator inspected the script and discovered hidden PowerShell code. This malicious code was designed to secretly download a ZIP file from a remote server, install software on the user's PC, and potentially steal data or cause other harm.
How to Protect Yourself: The Golden Rule
The most important takeaway is how to stay safe. Whenever you open a `.blend` file from a source you don't know and trust 100%, and you see the "Allow Execution" prompt, always choose "Ignore."Clicking "Allow" gives the script permission to run code on your computer, which can have devastating consequences. By ignoring it, you prevent the malicious code from ever running.
Avoid Piracy and Support Developers
The video concludes by linking this security risk to the use of pirated software. Hackers often package malware into cracked versions of popular Blender add-ons. The safest practice is to always download or purchase add-ons and assets from official and reputable sources like Blender Market, Gumroad, or the official websites of trusted developers. By doing so, you not only protect yourself from potential harm but also support the creators who contribute to the vibrant Blender ecosystem.
