Executive Summary
In April 2026, over 1,000 internet-exposed instances of ComfyUI, a popular node-based interface for running Stable Diffusion and similar image-generation models, were targeted in a cryptomining botnet campaign. Attackers used a custom Python scanner to locate exposed ComfyUI deployments and exploited misconfigurations that allowed remote code execution through custom nodes. Each compromised host was enrolled in a botnet mining Monero and Conflux, managed through a Flask-based command-and-control dashboard, and fitted with persistence mechanisms so the attackers kept control across restarts. The incident underscores the need to secure internet-facing applications, since attackers continue to turn misconfigurations and known vulnerabilities into cryptomining operations. Organizations should run regular security assessments, put authentication in front of such services, and monitor for unauthorized activity.
Why This Matters Now
The rapid exploitation of ComfyUI instances highlights the urgency for organizations to secure internet-facing applications against evolving threats. As attackers increasingly target misconfigurations to deploy cryptomining botnets, proactive security measures are essential to prevent unauthorized access and resource hijacking.
Attack Path Analysis
Attackers systematically scanned for internet-exposed ComfyUI instances and exploited misconfigurations to achieve remote code execution. They installed malicious custom nodes, which execute inside the ComfyUI process, to take control of each host, and extended the compromise by scanning for and compromising additional instances. A Flask-based command-and-control dashboard managed the resulting botnet, which was used for cryptomining and proxy operations. Data exfiltration was not the primary goal, but the attackers' control over the systems also put the data they processed at risk. The direct impact was unauthorized use of compute for Monero and Conflux mining, with the associated cost and potential service disruption.
Kill Chain Progression
Initial Compromise
Description
Attackers scanned for internet-exposed ComfyUI instances and exploited misconfigurations to achieve remote code execution.
Related CVEs
CVE-2025-67303
CVSS 7.5
An information disclosure vulnerability in ComfyUI-Manager prior to version 3.38 allows remote attackers to access and manipulate application configuration and critical data through the web interface.
Affected Products:
Comfy ComfyUI-Manager – < 3.38
Exploit Status:
proof of concept
CVE-2026-22777
CVSS 7.5
A configuration injection vulnerability in ComfyUI-Manager versions prior to 3.39.2 and 4.0.5 allows attackers to inject special characters into HTTP query parameters, enabling unauthorized modification of security settings and application behavior.
Affected Products:
Comfy ComfyUI-Manager – < 3.39.2, 4.0.0 - 4.0.4
Exploit Status:
proof of concept
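The two advisories above give their affected ranges in a form that is easy to misread when a fleet mixes the 3.x and 4.x branches of ComfyUI-Manager (3.38 is fixed for the first CVE but still affected by the second; 4.0.0 through 4.0.4 are affected by the second only). The following triage script is an added example, not code from the article or from the ComfyUI project: it encodes exactly the ranges quoted above and reports which CVEs a given version is still exposed to. The hostnames and the version inventory are constructed for illustration.

```python
"""Triage ComfyUI-Manager versions against the two CVEs on this page.

Affected ranges as the advisory text states them:
  CVE-2025-67303: ComfyUI-Manager < 3.38
  CVE-2026-22777: ComfyUI-Manager < 3.39.2, and 4.0.0 through 4.0.4
Each range is (lower bound inclusive, first fixed version exclusive);
a lower bound of None means the range starts at the first release.
"""
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int, int]

AFFECTED_RANGES: Dict[str, List[Tuple[Optional[str], str]]] = {
    "CVE-2025-67303": [(None, "3.38")],
    "CVE-2026-22777": [(None, "3.39.2"), ("4.0.0", "4.0.5")],
}

_VERSION_RE = re.compile(r"^v?(\d+(?:\.\d+)*)(.*)$")


def parse_version(text: str) -> Version:
    """Normalise '3.38', 'v4.0.4' or '4.0.5-rc1' to a comparable 4-tuple.

    The first three fields are major.minor.patch (missing fields pad to 0).
    The fourth is 0 for a pre-release suffix and 1 for a final release, so a
    release candidate of a fixed version sorts below the fix and is still
    reported as affected: the conservative choice for patch triage.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")][:3]
    parts += [0] * (3 - len(parts))
    final = 0 if m.group(2).strip(" -+.") else 1
    return (parts[0], parts[1], parts[2], final)


def vulnerable_to(version: str) -> List[str]:
    """Return the CVE IDs whose affected range contains `version`."""
    v = parse_version(version)
    hits: List[str] = []
    for cve, ranges in AFFECTED_RANGES.items():
        for lower, fixed in ranges:
            above_lower = lower is None or parse_version(lower) <= v
            below_fix = v < parse_version(fixed)
            if above_lower and below_fix:
                hits.append(cve)
                break  # one matching range per CVE is enough
    return hits


def triage_inventory(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Map each host to the CVEs its ComfyUI-Manager version is affected by."""
    return {host: vulnerable_to(ver) for host, ver in inventory.items()}


# Constructed sample inventory: hypothetical hostnames, not from the article.
SAMPLE_INVENTORY = {
    "gpu-node-01.example.internal": "3.37",
    "gpu-node-02.example.internal": "3.38",
    "gpu-node-03.example.internal": "v4.0.4",
    "gpu-node-04.example.internal": "4.0.5-rc1",
    "gpu-node-05.example.internal": "4.0.5",
}

if __name__ == "__main__":
    for host, cves in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host:32} {', '.join(cves) or 'not affected by either CVE'}")
```

Feed it whatever version strings your asset inventory already records for the ComfyUI-Manager custom node; anything it cannot parse raises rather than silently passing as patched. The pre-release rule is deliberate: a host running a 4.0.5 release candidate is reported as still affected until the final 4.0.5 is deployed.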
MITRE ATT&CK® Techniques
Compromise Infrastructure: Botnet
Resource Hijacking
Exploit Public-Facing Application
Command and Scripting Interpreter: Python
Valid Accounts
Remote Services: SMB/Windows Admin Shares
Ingress Tool Transfer
Potential Compliance Exposure
Mapping incident impact across multiple compliance frameworks.
PCI DSS 4.0 – Ensure all system components are protected from known vulnerabilities
Control ID: 6.2
NYDFS 23 NYCRR 500 – Cybersecurity Policy
Control ID: 500.03
DORA – ICT Risk Management Framework
Control ID: Article 5
CISA ZTMM 2.0 – Identity Management and Access Control
Control ID: Identity
NIS2 Directive – Cybersecurity Risk Management Measures
Control ID: Article 21
Sector Implications
Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.
Computer Software/Engineering
Targeting of ComfyUI exposes AI development environments to cryptomining botnets, compromising cloud instances and giving attackers a foothold from which to reach other workloads.
Entertainment/Movie Production
Stable diffusion platforms used for content creation vulnerable to botnet exploitation, risking production infrastructure and intellectual property through malicious nodes.
Marketing/Advertising/Sales
AI-powered creative workflows using ComfyUI face cryptomining attacks that could compromise campaign data and client information through exposed cloud instances.
Design
Design studios utilizing AI generation tools exposed to automated scanner attacks that install malicious proxy nodes, threatening project confidentiality and system integrity.
Sources
- Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign: https://thehackernews.com/2026/04/over-1000-exposed-comfyui-instances.html (Verified)
- CVE-2025-67303: ComfyUI-Manager Information Disclosure Flaw: https://www.sentinelone.com/vulnerability-database/cve-2025-67303/ (Verified)
- CVE-2026-22777: ComfyUI-Manager Injection Vulnerability: https://www.sentinelone.com/vulnerability-database/cve-2026-22777/ (Verified)
Cloud Native Security Fabric (CNSF) Mitigations and Controls
Aviatrix Zero Trust CNSF is pertinent to this incident as it could have limited the attacker's ability to exploit misconfigured ComfyUI instances, thereby reducing the potential for lateral movement and unauthorized resource usage.
Control: Cloud Native Security Fabric (CNSF)
Mitigation: Implementing Aviatrix CNSF may have constrained unauthorized access by enforcing strict security policies, thereby reducing the likelihood of initial exploitation.
Control: Zero Trust Segmentation
Mitigation: Zero Trust Segmentation would likely have restricted unauthorized privilege escalation by enforcing least-privilege access controls.
Control: East-West Traffic Security
Mitigation: East-West Traffic Security may have curtailed lateral movement by monitoring and controlling internal traffic between workloads.
Control: Multicloud Visibility & Control
Mitigation: Multicloud Visibility & Control would likely have detected and constrained unauthorized command-and-control channels.
Control: Egress Security & Policy Enforcement
Mitigation: Egress Security & Policy Enforcement may have limited potential data exfiltration by controlling outbound traffic.
The implementation of Aviatrix Zero Trust CNSF could have reduced the blast radius of the attack, thereby limiting the extent of unauthorized resource usage and associated financial losses.
Impact at a Glance
Affected Business Functions
- AI Model Processing
- Data Analysis
- Cloud Computing Services
Estimated downtime: 7 days
Estimated loss: $50,000
Potential exposure of AI model configurations and sensitive data processed by ComfyUI instances.
Recommended Actions
Key Takeaways & Next Steps
- Implement Zero Trust Segmentation to restrict unauthorized access and limit lateral movement within the network.
- Enforce Egress Security & Policy Enforcement to monitor and control outbound traffic, preventing unauthorized data exfiltration.
- Deploy Inline IPS (Suricata) to detect and block known exploit patterns and malicious payloads.
- Utilize Multicloud Visibility & Control to gain centralized visibility and manage policies across cloud environments.
- Apply Kubernetes Security (AKF) to secure containerized applications and enforce namespace policies.