Solved: Re: Maya malicious script Security Update and resources

hagen.deloss · ‎06-23-2020

Hi all,

I wanted to share something that the Maya team has been looking into for the past few weeks.

A third-party malicious script has been identified and a fix has been made available. The script can execute malicious code that can corrupt the Maya environment, cause scene instability, as well as spread to other systems.The third-party script exploit can corrupt Maya’s software’s settings, run malicious code, and be propagated to other Maya files (*.ma and .mb) if scene files containing the script are loaded into Maya.

The fix is included in Security Tools for Autodesk® Maya, which is available at the Autodesk App Store here.

Autodesk highly recommends that customers download and install the Security Tools for Autodesk® Maya plug-in from the Autodesk App Store to protect themselves from the above-described exploit.For more information about how to identify the malicious script, and how to use the security tools, please see the resources linked below:

As always, we are here to help! If you are having similar symptoms, or having trouble using these tools feel free to post on our forums and we would be happy to assist. But to prevent further corruption from spreading, please refrain from sharing files you think may be corrupted on the forums directly.

Warm regards,

Hagen Deloss
Community Manager | Media & Entertainment
Installation & Licensing forums | Contact product support | Autodesk AREA

hagen.deloss · ‎06-23-2020

The previously mention articles and Security tools should cover most of your questions.

Please reach out to @alec.andersenLP8AU or myself @hagen.deloss if you require additional help 😄

Hagen Deloss
Community Manager | Media & Entertainment
Installation & Licensing forums | Contact product support | Autodesk AREA

zewt · ‎06-23-2020

FYI, it's a mistake to be calling this an "exploit". An exploit is code that exploits a security bug in your software, which isn't the case at all here. It's never been safe to load untrusted Maya scenes, and doing that is the same as running random untrusted software on your PC. This is just a trojan, not an exploit.

It's not a minor nitpick about vocabulary--calling it an exploit is telling everyone that Autodesk and Maya are partially at fault and that Maya has a security bug that needs to be fixed, and that's not true at all.

Anonymous · ‎06-29-2020

Hello,

This affected my file and i cannot open the file anymore. What can i do to get it back?

Anonymous · ‎06-29-2020

Can i send my file to you?

mspeer · ‎06-29-2020

Hi!

1) "please refrain from sharing files you think may be corrupted on the forums directly"

2) I recommend to contact Autodesk Support for any issues related to the malicious script or the Maya Security Tools.

3) If you provide Maya files related to malicious content or the Maya Security Tools, I recommend:

1. Use only Maya ASCII scenes and rename them to .txt

2. Give them a prefix like "exploit_", "virus_", "infected_", or "care_" .

3. ZIP the files

This prevents any accidental execution.

mspeer · ‎06-29-2020

3)

1. Maybe it's better to suggest to add a postfix like "_off" instead, so ".ma" becomes ".ma_off".

This will work also with other file types and no one tries accidentally to open a 500 MB Maya file with the default text editor.

Anonymous · ‎06-29-2020

Is there any way to contact auto desk support if i am not a paying user but a student?

lynn_zhang · ‎07-08-2020

Hi @Anonymous

You can contact our Education Support from here: https://www.autodesk.com/education/support/edu-contact-us-form

Lynn Zhang
Community Manager

ksG3XE2 · ‎10-29-2020

Hi, my TD went through the Scanner and it seems that the scanner might not be picking up variants of the malicious script. He reported that in one of our file, some changes where made to the original malicious script which will render it undetected by the mayaScanner. Our MayaScanner was already updated to v1.0.2.

mspeer · ‎10-30-2020

Hi!

@ksG3XE2

Please contact Autodesk Support directly, which is better suited in this case, cause this is an open user-to-user forum and in your case the exchange of sensitive data and infected files could be necessary.

Anonymous · ‎11-04-2020

Hello,

We have made the security tool available to all our systems in the company. As we are in game dev, we literally have tens of thousands of Maya files on network shares and in our version control systems. We were hoping there was a way to script scanning a directory containing all our Maya files. It is unclear to us how to do this or set it up so that we get a bill of health or status after the scan. Has anybody done this? Is there a general recipe or guideline to achieve this?

Thanks in advance for any assist.

chaneyx · ‎01-14-2021

Which script is it and what is the source?

gw01 · ‎01-19-2021

I have tried to download the security tools in the app store, however, the link appears to be broken and gives an "App not found" page. Can you please confirm that this app is still alive

hagen.deloss · ‎01-20-2021

Hi @gw01

Shoot, sorry for the trouble! This Security Tools app store link right here works for me! let me know if you continue to have trouble downloading or using the tools 😄

Warm regards,

Hagen Deloss
Community Manager | Media & Entertainment
Installation & Licensing forums | Contact product support | Autodesk AREA

andy.johns · ‎05-05-2021

I notice that the Security tool is for Maya 2015-2020 . What does this mean for those of us using Maya 2021 or 2022 ?

Cheers.

Andy

mspeer · ‎05-05-2021

Hi!

Maya 2022 has a built-in version, so it's no longer required there. (There is no Maya 2021.)

andy.johns · ‎05-05-2021

Ahh so there isnt...thanks for the update.

dhanad · ‎05-20-2021

Looks like I am the latest victim of this annoying script. We receive work from our external vendors in our studio. We have repository of hundreds if not thousands of .ma files that are being accessed across our network in the studio. I have currently recommended everyone at our studio to update to Maya 2022 so that we can detect any malicious script upon opening a .ma file. However, I am not sure Maya 2022 is able to detect any newer variants? Any leads on this? I lost 3 months worth of work last night, when I attempted to back up my files, the .ma file would delete itself if I tried to move, or copy/paste. Using data recovery did not help either as the file seems to be retaining its orignal file size but the scene appears empty. Help!

mspeer · ‎05-20-2021

Hi!

Please don't post duplicate messages, that's against forum rules. You already created 2 threads about this issue.

"I lost 3 months worth of work last night, when I attempted to back up my files, the .ma file would delete itself if I tried to move, or copy/paste."

- That's for sure not a problem related to Maya scripts as these have no impact on any OS related actions, they only can become active when opened in Maya. Maybe your disk got corrupted or there was any other issue.