Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign
TL;DR: Threat actors are systematically scanning the internet for exposed ComfyUI instances, exploiting unauthenticated custom nodes to achieve remote code execution (RCE). The campaign enlists these AI-generation servers into a dual-purpose botnet used for mining Monero and Conflux, as well as serving as Hysteria V2 proxy nodes.
A new cyberattack campaign is currently sweeping major cloud IP ranges, targeting internet-exposed deployments of ComfyUI, a popular web-based interface for Stable Diffusion. According to a report published Monday by Censys security researcher Mark Ellzey, more than 1,000 instances are currently affected by an operation designed to hijack high-performance hardware for cryptocurrency mining and proxy services.
The Attack Vector: Unauthenticated Custom Nodes
The core of the exploit relies on a systemic misconfiguration in how ComfyUI handles custom nodes. Many deployments are hosted without authentication, allowing remote users to interact with the service.
The attackers utilize a purpose-built Python scanner that identifies instances with specific custom node families installed. These nodes are vulnerable because they accept and execute raw Python code directly. The targeted node families include:
- Vova75Rus/ComfyUI-Shell-Executor (a malicious package created by the attacker)
- filliptm/ComfyUI_Fill-Nodes
- seanlynch/srl-nodes
- ruiqutech/ComfyUI-RuiquNodes
If a target instance is exposed but lacks these specific nodes, the attacker’s scanner checks for ComfyUI-Manager. If present, the script automatically installs a vulnerable node package to facilitate the exploit, then retries the execution.
Execution and Malware Payload
Once RCE is achieved through the custom nodes, the attacker fetches a shell script named ghost.sh from an IP address (77.110.96[.]200) associated with the Aeza Group, a bulletproof hosting provider.
The infection process follows a sophisticated routine:
- Cleanup: The scanner clears the ComfyUI prompt history to hide evidence of the exploit.
- Persistence: The malware uses chattr +i to lock binaries, making them immutable even to the root user. It also employs an LD_PRELOAD hook to hide a watchdog process that restarts the miner if terminated.
- Mining: The botnet deploys XMRig to mine Monero and lolMiner to mine Conflux.
- Botnet Integration: A second payload installs Hysteria V2, likely intended to turn the compromised hosts into residential proxies for resale.
The entire operation is managed via a Flask-based command-and-control (C2) dashboard, allowing the operator to push new instructions or payloads to the fleet of infected AI servers.
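The persistence and mining indicators described above (an LD_PRELOAD hook, chattr +i immutable binaries, XMRig and lolMiner processes, a Hysteria client) are all things a host owner can check for. The following is an added example, not code from the article, Censys or the ComfyUI project: it triages the text output of three standard Linux commands (cat /etc/ld.so.preload, lsattr -R, ps -eo pid,comm,args) for those indicators. The file contents, paths, binary names and PIDs in the sample data are constructed for the demonstration.

```python
"""Added example (not from the article): host-side triage for the persistence
and mining indicators the article describes.

Assumed inputs: the text of /etc/ld.so.preload, the output of `lsattr -R`
and the output of `ps -eo pid,comm,args`. The sample data below is constructed."""

# Process names tied to the tooling the article names (XMRig, lolMiner, Hysteria).
MINER_PROCESS_NAMES = {"xmrig", "lolminer", "hysteria"}

# Locations where a normal server install would not leave immutable files.
IMMUTABLE_SUSPECT_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/", "/usr/local/bin/", "/root/")


def preload_entries(ld_so_preload_text: str):
    """Return library paths listed in /etc/ld.so.preload.
    Any entry at all is unusual on a fresh server and needs an explanation."""
    entries = []
    for line in ld_so_preload_text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            entries.append(line)
    return entries


def immutable_files(lsattr_output: str):
    """Parse `lsattr -R` lines of the form '<attrs> <path>' and return paths
    carrying the 'i' (immutable) attribute inside suspect directories.
    Directory header lines such as '/tmp:' have no second field and are skipped."""
    found = []
    for line in lsattr_output.splitlines():
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        attrs, path = parts
        if "i" in attrs and path.startswith(IMMUTABLE_SUSPECT_DIRS):
            found.append(path)
    return found


def miner_processes(ps_output: str):
    """Return (pid, comm) for processes whose name or arguments match miner tooling."""
    hits = []
    for line in ps_output.splitlines()[1:]:  # first line is the ps header
        fields = line.split(None, 2)
        if len(fields) < 2:
            continue
        pid, comm = fields[0], fields[1]
        args = fields[2] if len(fields) == 3 else ""
        haystack = (comm + " " + args).lower()
        if any(name in haystack for name in MINER_PROCESS_NAMES):
            hits.append((int(pid), comm))
    return hits


def triage(ld_so_preload_text: str, lsattr_output: str, ps_output: str) -> dict:
    """Combine the three checks into one report for the analyst."""
    return {
        "ld_preload": preload_entries(ld_so_preload_text),
        "immutable": immutable_files(lsattr_output),
        "miners": miner_processes(ps_output),
    }


# Constructed sample data standing in for the real command output.
SAMPLE_LD_SO_PRELOAD = "# constructed sample\n/usr/local/lib/libhide.so\n"
SAMPLE_LSATTR = """\
/usr/local/bin:
----i---------e------- /usr/local/bin/watchdog
--------------e------- /usr/local/bin/python3
/tmp:
----i---------e------- /tmp/.x/xmrig
"""
SAMPLE_PS = """\
  PID COMMAND         COMMAND
    1 systemd         /sbin/init
 4242 xmrig           /tmp/.x/xmrig --config /tmp/.x/config.json
 4250 lolMiner        /tmp/.x/lolMiner --pool pool.example:4444
 4300 sshd            /usr/sbin/sshd -D
"""

if __name__ == "__main__":
    for key, value in triage(SAMPLE_LD_SO_PRELOAD, SAMPLE_LSATTR, SAMPLE_PS).items():
        print(f"{key}: {value}")
```

Because the malware locks its binaries with chattr +i, a cleanup that only deletes files will fail silently; the immutable-file list is what tells the responder which paths need chattr -i first. The LD_PRELOAD check matters because the hook hides the watchdog from a naive process listing, so an empty ps result is not proof the host is clean when /etc/ld.so.preload is populated.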
Eliminating the Competition
The campaign demonstrates "predatory" behavior toward other botnets. The ghost.sh script includes dedicated code to identify a rival mining botnet referred to as "Hisana."
Instead of simply killing the competitor's process, the script overwrites Hisana’s configuration to redirect its mining rewards to the attacker's wallet. It then occupies Hisana’s C2 port (10808) with a dummy listener to prevent the rival malware from regaining control.
A Broader Trend in Botnet Activity
While the ComfyUI campaign is niche, it is part of a massive surge in botnet activity globally. Censys linked the attacker's shell history to an IP address involved in a worm campaign targeting Redis servers.
Other recent botnet developments include:
- Zerobot: Exploiting vulnerabilities in n8n and Tenda routers.
- Kinsing: Targeting Apache ActiveMQ and React Server Components (React2Shell).
- NetDragon: Hijacking Feiniu NAS (fnOS) systems via zero-day vulnerabilities.
- Monaco: A cryptojacking operation targeting weak SSH passwords via brute-force.
Security researchers advise ComfyUI users to ensure their instances are not exposed to the public internet without strong authentication (such as a VPN, or a reverse proxy that enforces authentication) and to audit installed custom nodes for "shell execution" capabilities.
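Auditing installed custom nodes for shell-execution capability can be done statically. The following is an added example, not code from the article or the ComfyUI project: it walks a custom_nodes directory (assumed, as the ComfyUI-Manager convention suggests, to hold one sub-directory per node package), parses every Python file with the standard ast module, and reports calls that hand code or commands to the interpreter or the operating system, plus any package whose name matches one of the node families the article lists. The directory tree it scans is constructed sample data written to a temporary directory.

```python
"""Added example (not from the article or ComfyUI): static audit of a
custom_nodes directory for shell-execution capabilities.

Assumption: custom_nodes holds one sub-directory per node package.
The sample tree built by build_sample_custom_nodes() is constructed."""
import ast
import os
import tempfile

# Node packages the article names as accepting or executing raw Python.
KNOWN_RISKY_PACKAGES = {
    "ComfyUI-Shell-Executor",
    "ComfyUI_Fill-Nodes",
    "srl-nodes",
    "ComfyUI-RuiquNodes",
}

# Call targets that run arbitrary code or shell commands.
RISKY_CALLS = {
    "exec", "eval", "compile",
    "os.system", "os.popen", "os.execv", "os.execvp",
    "subprocess.run", "subprocess.Popen", "subprocess.call",
    "subprocess.check_output", "subprocess.check_call",
}


def _call_name(node: ast.Call) -> str:
    """Render a call's target as 'name' or 'module.attr' when it is that simple."""
    func = node.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name):
        return f"{func.value.id}.{func.attr}"
    return ""


def risky_calls_in_source(source: str):
    """Return sorted (line, call) pairs for risky calls found in one source file."""
    try:
        tree = ast.parse(source)
    except SyntaxError:
        return [(0, "unparseable")]  # code the auditor cannot read is itself a finding
    hits = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Call):
            name = _call_name(node)
            if name in RISKY_CALLS:
                hits.append((node.lineno, name))
    return sorted(hits)


def audit_custom_nodes(custom_nodes_dir: str) -> dict:
    """Map each node package with findings to a list of human-readable findings."""
    report = {}
    for pkg in sorted(os.listdir(custom_nodes_dir)):
        pkg_dir = os.path.join(custom_nodes_dir, pkg)
        if not os.path.isdir(pkg_dir):
            continue
        findings = []
        if pkg in KNOWN_RISKY_PACKAGES:
            findings.append("listed in article as shell-executing node family")
        for root, _dirs, files in os.walk(pkg_dir):
            for fname in files:
                if not fname.endswith(".py"):
                    continue
                path = os.path.join(root, fname)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    rel = os.path.relpath(path, custom_nodes_dir)
                    for line, call in risky_calls_in_source(fh.read()):
                        findings.append(f"{rel}:{line} calls {call}")
        if findings:
            report[pkg] = findings
    return report


def build_sample_custom_nodes() -> str:
    """Write a constructed custom_nodes tree to a temp dir and return its path."""
    base = tempfile.mkdtemp(prefix="custom_nodes_")
    samples = {
        # Constructed: a node that shells out with a user-supplied command.
        "ComfyUI-Shell-Executor/nodes.py":
            "import subprocess\n"
            "class ShellNode:\n"
            "    def run(self, cmd):\n"
            "        return subprocess.run(cmd, shell=True)\n",
        # Constructed: a benign image node with no risky calls.
        "SafeImageNodes/nodes.py":
            "class Resize:\n"
            "    def run(self, img, w, h):\n"
            "        return img.resize((w, h))\n",
        # Constructed: an innocuously named node that evals raw Python.
        "ColorTools/util.py":
            "def apply(expr, img):\n"
            "    return eval(expr)\n",
    }
    for rel, content in samples.items():
        path = os.path.join(base, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(content)
    return base


if __name__ == "__main__":
    for pkg, findings in audit_custom_nodes(build_sample_custom_nodes()).items():
        print(pkg)
        for finding in findings:
            print("  -", finding)
```

The name check alone would miss the ColorTools case, which is why the audit also inspects call sites: a node does not have to be named "shell executor" to execute arbitrary input. Conversely a hit on eval or subprocess is a prompt to review the node, not proof it is malicious; some legitimate nodes shell out to external tools, and the decision is whether that capability should be reachable on an instance without authentication.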
Source
Original Title: Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign
URL: https://thehackernews.com/2026/04/over-1000-exposed-comfyui-instances.html