
Cryptomining Botnet Campaign Actively Targets Over 1,000 Exposed ComfyUI Instances


A widespread and active botnet campaign is systematically targeting internet-exposed instances of ComfyUI, a popular graphical user interface for the Stable Diffusion AI image generation framework. The attackers' objective is to compromise these systems and enlist them into a dual-purpose botnet designed for illicit cryptocurrency mining and acting as proxy nodes for other malicious traffic. Security researchers have identified that the campaign has already successfully compromised over a thousand vulnerable servers, turning valuable computational resources—often hosted on expensive cloud infrastructure—into a revenue stream for the threat actors.

The attack methodology is highly automated and aggressive. The threat actors operate a purpose-built Python scanner that continuously sweeps through IP address ranges belonging to major cloud service providers. This scanner is specifically designed to identify publicly accessible ComfyUI instances. Upon discovering a target, the scanner checks if the system is already part of the botnet or if it has been compromised by a competing cryptojacking group. If the instance is clean and vulnerable, the attack proceeds automatically to the exploitation phase.

The exploitation leverages a critical vulnerability in the ComfyUI-Manager, a popular extension for managing custom nodes and workflows within the ComfyUI ecosystem. By exploiting this security flaw, the attackers can achieve remote code execution (RCE) without requiring authentication. This allows their automated scripts to download and execute a malicious payload directly on the server. The primary payload is a cryptocurrency miner, typically a variant of the XMRig software configured to mine Monero (XMR), a privacy-focused cryptocurrency favored by cybercriminals because its transactions are difficult to trace.

In addition to cryptojacking, the compromised nodes are weaponized to form a proxy botnet, also known as a residential proxy network. This network can be rented out to other criminals to anonymize a wide range of malicious activities, including credential stuffing attacks, ad fraud, web scraping, and bypassing geographic restrictions. This dual monetization strategy—direct mining revenue plus income from selling proxy access—makes the campaign particularly lucrative and persistent. System administrators and developers using ComfyUI are urged to immediately ensure their instances are not exposed to the public internet without robust authentication, apply all security updates for ComfyUI and the ComfyUI-Manager, and monitor their cloud resources for unusual spikes in CPU/GPU usage or unexpected network traffic.
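The closing advice above asks operators to check whether an instance is exposed and to watch for sustained CPU spikes. The script below is an added example, not code from the article or from the ComfyUI project: it runs both checks over constructed sample data written in the format of `ss -ltnp` and `ps -eo pid,pcpu,comm` output, so it executes offline. It assumes ComfyUI's default listen port is 8188 (adjust `COMFYUI_PORT` to your deployment); the process names, PIDs and readings in the samples are constructed.

```python
"""Defender-side checks for a ComfyUI host: wildcard-bound listeners and
sustained CPU consumers. Added example; the samples below are constructed."""
import re
from collections import defaultdict

# Assumption: ComfyUI listens on 8188 by default; change to match your setup.
COMFYUI_PORT = 8188
WILDCARD_ADDRS = {"0.0.0.0", "[::]", "*"}
CPU_THRESHOLD = 80.0  # percent; must hold in every sample to count as sustained

# Constructed sample in the layout of `ss -ltnp` (not a real capture).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128    127.0.0.1:22       0.0.0.0:*       users:(("sshd",pid=812,fd=3))
LISTEN 0      128    0.0.0.0:8188       0.0.0.0:*       users:(("python3",pid=2310,fd=7))
LISTEN 0      128    [::]:9100          [::]:*          users:(("node_exporter",pid=901,fd=3))
"""

# Constructed samples in the layout of `ps -eo pid,pcpu,comm`, taken one minute apart.
# The generation worker (python3) spikes once; the miner stays pinned the whole time.
SAMPLE_PS = [
    "  PID %CPU COMMAND\n  812  0.1 sshd\n 2310 12.4 python3\n 4471 97.8 xmrig\n",
    "  PID %CPU COMMAND\n  812  0.0 sshd\n 2310 88.0 python3\n 4471 98.3 xmrig\n",
    "  PID %CPU COMMAND\n  812  0.1 sshd\n 2310  3.2 python3\n 4471 97.5 xmrig\n",
]

SS_LINE = re.compile(
    r'^LISTEN\s+\d+\s+\d+\s+(?P<addr>\S+):(?P<port>\d+)\s+\S+\s+users:\(\("(?P<proc>[^"]+)"'
)
PS_LINE = re.compile(r"^\s*(?P<pid>\d+)\s+(?P<cpu>[\d.]+)\s+(?P<comm>\S+)")


def exposed_listeners(ss_output, watched_ports=(COMFYUI_PORT,)):
    """Return (port, process) pairs for watched ports bound to every interface.

    A ComfyUI listener on 0.0.0.0 or [::] is reachable from the internet unless
    a firewall or reverse proxy in front of it says otherwise.
    """
    found = []
    for line in ss_output.splitlines():
        m = SS_LINE.match(line)
        if not m:
            continue
        port = int(m.group("port"))
        if port in watched_ports and m.group("addr") in WILDCARD_ADDRS:
            found.append((port, m.group("proc")))
    return found


def sustained_cpu_hogs(samples, threshold=CPU_THRESHOLD):
    """Return {(pid, comm): mean_cpu} for processes above threshold in every sample.

    Requiring the threshold in all samples filters out legitimate bursts such as
    an image-generation job, which is exactly what a miner never does.
    """
    readings = defaultdict(list)
    for sample in samples:
        for line in sample.splitlines():
            m = PS_LINE.match(line)
            if m:
                key = (int(m.group("pid")), m.group("comm"))
                readings[key].append(float(m.group("cpu")))
    hogs = {}
    for key, values in readings.items():
        if len(values) == len(samples) and min(values) >= threshold:
            hogs[key] = round(sum(values) / len(values), 1)
    return hogs


if __name__ == "__main__":
    for port, proc in exposed_listeners(SAMPLE_SS):
        print(f"EXPOSED: port {port} ({proc}) is bound to all interfaces")
    for (pid, comm), cpu in sustained_cpu_hogs(SAMPLE_PS).items():
        print(f"SUSTAINED CPU: pid {pid} {comm} averaging {cpu}%")
```

On a live host, replace the constructed strings with the real output of `ss -ltnp` and a few spaced `ps -eo pid,pcpu,comm` runs. A process name alone is weak evidence either way, so treat a sustained hit as something to inspect (binary path, parent process, outbound connections) rather than as a verdict; likewise a listener on 127.0.0.1 only helps if nothing on the box forwards traffic to it.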
