Another Maya malware in the wild

This link goes to a Maya plugin (tested on Maya 2022, should be OK at least as far back as 2020 or 2019). If you unzip into a folder on the your MAYA_MODULE_PATH (usually Documents /Maya/2022/Modules) it will scan MA files as you open them and warn you if the files are suspicious.

Note that the “Maya security plugin” does NOT catch all of the (many!) zero-day exploits that are trivially easy to do in MA files. It’s only really able to catch scriptnode hacks.

If you catch any holes in this please ping me. If you want to join the Github group that created the plugin, also reach out via DM

3 Likes