AI Image Servers Turned Into Digital Goldmines: The ComfyUI Cryptomining Takeover
Hackers are hijacking exposed ComfyUI servers to fuel stealthy cryptomining and proxy botnet operations, exploiting the AI boom for criminal profit.
In the shadowy corners of the Internet, a new breed of cybercriminal is turning the AI revolution into a lucrative racket. Behind the friendly face of ComfyUI - an open-source, node-based tool beloved by AI image enthusiasts - lurks a growing campaign of hijacked servers, transformed into silent engines of cryptocurrency mining and underground proxy networks.
From Art to Exploitation: How Hackers Seized ComfyUI
ComfyUI, a popular interface for AI image generation, is designed for flexibility - allowing users to add powerful “custom nodes” for new features. But this very extensibility is now its Achilles’ heel. Security researchers have uncovered a sophisticated campaign in which attackers systematically scan cloud providers like AWS, GCP, and Oracle Cloud, hunting for ComfyUI instances left exposed without authentication.
The hackers’ toolkit is both simple and effective. First, lightweight scripts sweep the Internet for live ComfyUI endpoints. Once a target is found, a purpose-built Python scanner probes for nodes capable of running arbitrary Python code. If found, the attacker injects a malicious workflow, instantly gaining remote code execution - no zero-day required. Even if the most dangerous nodes are absent, the attackers can install their own backdoor node using ComfyUI’s built-in manager functions.
Fileless Malware and Persistent Threats
The real magic begins once a server is compromised. The attackers deploy “Ghost,” a multi-component malware loader that installs XMRig and lolMiner for Monero and Conflux mining, respectively. To avoid leaving a trace, the malware executes directly in memory (a fileless technique), and, if granted root, hides itself using a custom Linux rootkit. The system’s watchdogs are no match - backup copies, hidden directories, and tamper-proof flags ensure the mining and proxy operations survive reboots and manual cleaning attempts.
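The fileless behaviour described above has a visible footprint on Linux: a process that was loaded straight into memory points its /proc/&lt;pid&gt;/exe link at a "/memfd:" object, and a binary unlinked after launch shows a " (deleted)" suffix. The triage script below is an added example written for this article, not code from the campaign, the researchers or ComfyUI; it walks a proc tree and reports such processes. The sample link targets and command lines used in its comments and tests are constructed.

```python
"""Added example (not from the article): a small Linux triage script that
looks for processes executing from memory rather than from a file on disk,
the pattern described above for the fileless miner.  On Linux, /proc/<pid>/exe
is a symlink to the running binary; an in-memory executable shows up as
"/memfd:<name> (deleted)" and a binary unlinked after launch ends in
" (deleted)".  Link targets mentioned here are constructed for illustration."""
import os
from typing import List, Optional, Tuple


def classify_exe_link(target: str) -> Optional[str]:
    """Return a reason string if the exe link target looks fileless, else None."""
    if target.startswith("/memfd:"):
        return "memfd-backed executable (never written to disk)"
    if target.endswith(" (deleted)"):
        return "binary deleted from disk while still running"
    return None


def read_cmdline(pid: int, proc_root: str = "/proc") -> str:
    """Read the NUL-separated command line of a process; empty string on failure."""
    try:
        with open(f"{proc_root}/{pid}/cmdline", "rb") as fh:
            raw = fh.read()
    except OSError:
        return ""
    return raw.replace(b"\x00", b" ").decode(errors="replace").strip()


def scan_proc(proc_root: str = "/proc") -> List[Tuple[int, str, str, str]]:
    """Walk proc_root and return (pid, exe_target, reason, cmdline) for every
    process whose executable is not a regular on-disk file.  Processes we lack
    permission to inspect are skipped, so run as root for full coverage."""
    findings = []
    for name in os.listdir(proc_root):
        if not name.isdigit():
            continue
        pid = int(name)
        try:
            target = os.readlink(f"{proc_root}/{pid}/exe")
        except OSError:
            continue  # kernel thread, already exited, or permission denied
        reason = classify_exe_link(target)
        if reason:
            findings.append((pid, target, reason, read_cmdline(pid, proc_root)))
    return findings


if __name__ == "__main__":
    hits = scan_proc()
    if not hits:
        print("no in-memory or deleted-binary processes found")
    for pid, target, reason, cmdline in hits:
        print(f"pid {pid}: {reason}\n  exe -> {target}\n  cmd: {cmdline}")
```

A hit is not proof of compromise on its own (package upgrades leave legitimately deleted binaries behind until a restart), but a memfd-backed process with high CPU usage on a GPU host is exactly the symptom this campaign produces and is worth correlating with outbound connections and recently added files.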
But cryptomining is only half the scheme. Each hijacked server also joins a Hysteria-based proxy botnet, masquerading as legitimate HTTPS traffic. These proxy nodes are managed centrally, with unique IDs and detailed hardware stats logged in a Flask-powered dashboard. The criminal operators can resell proxy access or use it to mask further attacks, creating a self-sustaining, monetizable network.
Wider Implications and Defensive Moves
This campaign illustrates a dangerous convergence: the AI community’s hunger for fast, flexible tools is being weaponized by cybercriminals with minimal effort. As the attackers’ tools evolve, defenders must treat platforms like ComfyUI as production-grade software. Internet exposure without strong authentication is a ticking time bomb. Admins are urged to disable risky custom nodes, monitor for suspicious additions or unexplained mining traffic, and review workflows for signs of compromise.
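Two of the steps above, reviewing workflows for nodes that can run code and watching for custom node packages nobody installed, can be scripted. The audit helper below is an added example written for this article, not the researchers' or ComfyUI's own tooling. It assumes ComfyUI's API-style workflow JSON (a map of node id to {"class_type", "inputs"}) and the default custom_nodes/ directory; the allowlisted names are core ComfyUI nodes, while the code-execution node in the sample workflow and the keyword heuristics are constructed for illustration.

```python
"""Added example (not the article's or ComfyUI's own code): an offline audit
helper for two defensive steps - reviewing saved workflows for nodes that can
run code, and spotting custom node packages that appeared without an admin
installing them.  Assumes ComfyUI's API-style workflow JSON
({"<node_id>": {"class_type": "...", "inputs": {...}}}) and the default
custom_nodes/ layout.  Node names other than the core ones are constructed."""
import json
import sys
import time
from pathlib import Path
from typing import Dict, List, Optional

# Node types an admin has reviewed.  These are core ComfyUI nodes; extend the
# set with the custom nodes you deliberately installed.
APPROVED_NODE_TYPES = {
    "CheckpointLoaderSimple", "CLIPTextEncode", "EmptyLatentImage",
    "KSampler", "VAEDecode", "SaveImage",
}
# Heuristic markers (our own, not ComfyUI's) for node names or string inputs
# that suggest arbitrary code execution rather than image processing.
CODE_NAME_MARKERS = ("python", "exec", "eval", "shell", "script", "command")
CODE_INPUT_MARKERS = ("import ", "subprocess", "os.system", "exec(", "eval(")


def audit_workflow(workflow: Dict[str, dict]) -> List[dict]:
    """Return one finding per node that is not on the allowlist, with severity
    'high' when its name or any string input looks like executable code."""
    findings = []
    for node_id, node in workflow.items():
        class_type = str(node.get("class_type", ""))
        if class_type in APPROVED_NODE_TYPES:
            continue
        code_inputs = sorted(
            key for key, value in node.get("inputs", {}).items()
            if isinstance(value, str)
            and any(marker in value for marker in CODE_INPUT_MARKERS)
        )
        name_is_suspicious = any(m in class_type.lower() for m in CODE_NAME_MARKERS)
        findings.append({
            "node_id": node_id,
            "class_type": class_type,
            "severity": "high" if (name_is_suspicious or code_inputs) else "review",
            "code_like_inputs": code_inputs,
        })
    return findings


def recent_custom_nodes(custom_nodes_dir, max_age_days: int = 7,
                        now: Optional[float] = None) -> List[str]:
    """Names of custom node packages whose directory was modified within
    max_age_days.  Compare against your change log: anything you did not
    install yourself deserves a look."""
    now = time.time() if now is None else now
    cutoff = now - max_age_days * 86400
    root = Path(custom_nodes_dir)
    if not root.is_dir():
        return []
    return sorted(p.name for p in root.iterdir()
                  if p.is_dir() and p.stat().st_mtime >= cutoff)


# Constructed sample: two core nodes plus a hypothetical code-execution node.
SAMPLE_WORKFLOW = {
    "1": {"class_type": "CheckpointLoaderSimple",
          "inputs": {"ckpt_name": "model.safetensors"}},
    "2": {"class_type": "KSampler", "inputs": {"seed": 1, "steps": 20}},
    "3": {"class_type": "RunPythonScript",  # hypothetical node name
          "inputs": {"script": "import subprocess\nsubprocess.run(['id'])"}},
}


if __name__ == "__main__":
    # Usage: python audit.py [workflow.json] [path/to/custom_nodes]
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            workflow = json.load(fh)
    else:
        workflow = SAMPLE_WORKFLOW
    for f in audit_workflow(workflow):
        print(f"[{f['severity']}] node {f['node_id']} ({f['class_type']}) "
              f"code-like inputs: {f['code_like_inputs'] or 'none'}")
    nodes_dir = sys.argv[2] if len(sys.argv) > 2 else "custom_nodes"
    for name in recent_custom_nodes(nodes_dir):
        print(f"[review] custom node package modified recently: {name}")
```

The allowlist approach matters more than the keyword heuristics: a backdoor node can be given any name, so the durable signal is "a node type I never approved", which is why every unknown type is reported at least at "review" level. The modification-time check is a cheap first pass; a git or hash-based inventory of custom_nodes/ is the stronger version of the same idea.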
The hijacking of ComfyUI servers is a stark warning: in the rush to harness AI’s creative power, security can’t be an afterthought. As cybercriminals adapt, so must the guardians of digital infrastructure - before the next gold rush leaves even more machines digging for someone else’s fortune.
WIKICROOK
- Remote Code Execution (RCE): Remote Code Execution is when an attacker runs their own code on a victim’s system over the network, often leading to full control or compromise of that system.
- Fileless Malware: Fileless malware is malicious software that runs in a computer’s memory, avoiding disk storage and making it difficult for traditional security tools to detect.
- Rootkit: A rootkit is stealthy malware that hides itself on a device, allowing attackers to secretly control the system and evade detection.
- Proxy Botnet: A proxy botnet is a group of hijacked devices used by attackers to relay malicious activity and conceal their real identities.
- GPU Mining: GPU mining leverages graphics cards to efficiently solve complex calculations for cryptocurrency, offering advantages in speed and energy use over CPU mining.