1,000+ ComfyUI Instances Hijacked in Cryptomining Botnet Blitz

An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurr


Cybersecurity researchers have uncovered an ongoing campaign actively compromising over 1,000 internet-exposed instances of ComfyUI, the widely-used stable diffusion platform, to recruit them into a cryptocurrency mining and proxy botnet operation.

The attack leverages a purpose-built Python scanner that systematically probes major cloud IP ranges in search of vulnerable targets. Once an exposed instance is identified, the malicious infrastructure automatically deploys harmful nodes through ComfyUI-Manager—the platform's extension system—whenever no already-exploitable node is present on the instance.

ComfyUI has emerged as a popular choice for developers and organizations running generative AI workflows, making its exposed instances attractive targets for threat actors seeking computational resources. The botnet operators are exploiting misconfigurations and inadequate security controls to gain unauthorized access without requiring complex exploitation techniques.

The dual-purpose nature of this campaign—combining both cryptomining and proxy functionality—allows attackers to monetize compromised systems while also leveraging them as infrastructure for launching further attacks or masking malicious traffic. This hybrid approach maximizes the value extracted from each captured machine.

The discovery highlights growing risks associated with deploying AI infrastructure without proper network segmentation and access controls. Organizations running ComfyUI or similar platforms in cloud environments are urged to immediately review their security posture, restrict network exposure to trusted sources only, and implement robust authentication mechanisms.

Users should audit their ComfyUI installations for any unauthorized nodes, monitor system performance for signs of unexpected resource consumption, and apply the latest security updates. The simplest protective measure remains keeping administrative interfaces off the public internet and exposing only the endpoints that legitimate users need.
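As an added illustration of the audit steps above (not code from the article or from the ComfyUI project), the following script flags custom nodes that are not on an operator-maintained allowlist or were modified recently, and classifies how a ComfyUI launch command line binds its listener. It assumes ComfyUI keeps each extension as a sub-directory of `custom_nodes/` and that a bare `--listen` flag binds all interfaces; `KNOWN_NODES` is a placeholder allowlist.

```python
import time
from pathlib import Path

# Placeholder allowlist: replace with the nodes the operator deliberately installed.
KNOWN_NODES = {"ComfyUI-Manager"}


def audit_custom_nodes(custom_nodes_dir, known_nodes=KNOWN_NODES, recent_days=7, now=None):
    """Return nodes missing from the allowlist and nodes whose files changed
    within `recent_days`. Filesystem-only, so it runs offline on a live install."""
    now = time.time() if now is None else now
    cutoff = now - recent_days * 86400
    findings = {"unknown": [], "recent": []}
    for entry in sorted(Path(custom_nodes_dir).iterdir()):
        if not entry.is_dir() or entry.name.startswith("."):
            continue
        if entry.name not in known_nodes:
            findings["unknown"].append(entry.name)
        # Newest mtime inside the node: a fresh install or a tampered file shows up here.
        newest = max((p.stat().st_mtime for p in entry.rglob("*") if p.is_file()),
                     default=entry.stat().st_mtime)
        if newest >= cutoff:
            findings["recent"].append(entry.name)
    return findings


def listen_exposure(argv):
    """Classify a ComfyUI command line by its --listen binding.
    Assumption: absent -> loopback; bare --listen -> all interfaces;
    --listen <addr> -> that address."""
    if "--listen" not in argv:
        return "loopback"
    i = argv.index("--listen")
    if i + 1 >= len(argv) or argv[i + 1].startswith("--"):
        return "all-interfaces"
    addr = argv[i + 1]
    if addr in ("127.0.0.1", "localhost", "::1"):
        return "loopback"
    if any(a in ("0.0.0.0", "::") for a in addr.split(",")):
        return "all-interfaces"
    return "specific"


if __name__ == "__main__":
    import sys
    print(audit_custom_nodes(sys.argv[1] if len(sys.argv) > 1 else "custom_nodes"))
    print(listen_exposure(sys.argv[2:]))
```

Any node reported as unknown, or any launch classified as all-interfaces without a reverse proxy enforcing authentication in front of it, is worth a closer look.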

This campaign underscores a broader trend of threat actors targeting AI and machine learning infrastructure as computing resources become increasingly valuable for both legitimate and malicious purposes. As organizations continue expanding their AI deployments, security must remain a foundational consideration from initial setup through ongoing operations.

Editorial note: This article represents original analysis and commentary by the TechDailyPulse editorial team.