ATLA WIRE

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

09.04.2026
Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

🚨 BREAKING: 1,000+ ComfyUI Instances Pwned in Massive Botnet Attack

Yikes — over 1,000 exposed ComfyUI instances just got absolutely wrecked by a cryptomining botnet campaign. Threat actors are exploiting unauthenticated remote code execution (RCE) vulnerabilities to hijack these AI workflow tools, turning them into Monero-mining zombies and expanding their botnet army.
ComfyUI — that popular open-source AI workflow tool for Stable Diffusion — is getting absolutely rinsed because users are leaving instances exposed online without authentication. Attackers scan for these vulnerable endpoints, drop malicious payloads via RCE, and boom: instant cryptojacking infrastructure.
The campaign’s MO:
  1️⃣ Scan for exposed ComfyUI instances (default port 8188).
  2️⃣ Exploit unauthenticated API endpoints to execute arbitrary code.
  3️⃣ Deploy Monero (XMR) mining software to silently drain compute resources.
  4️⃣ Use compromised nodes to spread further — classic botnet expansion play.
  • Target: Exposed ComfyUI instances (1,000+ identified)
  • Attack vector: Unauthenticated remote code execution (RCE)
  • Payload: Cryptomining malware (Monero/XMR focus)
  • Secondary function: Botnet recruitment for DDoS & further attacks
  • Risk level: Critical — easy exploitation, high impact
This isn’t just about stolen GPU cycles — it’s a full-on botnet build. Once inside, attackers can pivot to DDoS campaigns, data exfiltration, or deploying additional malware. ComfyUI’s flexibility (custom nodes, Python execution) becomes a double-edged sword when left unprotected.

“Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.” — The Hacker News

If you’re running ComfyUI publicly, lock it down NOW. Enable authentication, restrict network access, and monitor for unusual resource spikes. This attack proves that even niche AI tools are prime targets for automated exploitation.
Bottom line: Exposed AI infrastructure = free real estate for cryptojackers. Stay vigilant, patch configs, and maybe don’t leave your GPU farms wide open to the internet. 🛡️
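To act on the "restrict network access" advice, here is a host-side audit, added as an example and not taken from the original report, that reads Linux's `/proc/net/tcp` table and flags any listener on ComfyUI's default port 8188 that is bound to something other than loopback. The sample table is constructed, the function names are illustrative, and the decoder assumes a little-endian host and IPv4 only.

```python
import ipaddress
import socket
import struct

COMFYUI_PORT = 8188  # default port named in the article
TCP_LISTEN = "0A"    # state code for LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp format (not campaign data); each row
# is an independent test case: loopback, wildcard, LAN, SSH, established.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1FFC 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 41001
   1: 00000000:1FFC 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 41002
   2: 0A00000A:1FFC 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 41003
   3: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 41004
   4: 0A00000A:1FFC 3200000A:D431 01 00000000:00000000 00:00000000 00000000  1000        0 41005
"""

def decode_ipv4(hex_addr):
    """Decode the kernel's hex IPv4 field (assumes a little-endian host)."""
    return socket.inet_ntoa(struct.pack("<I", int(hex_addr, 16)))

def classify(ip):
    """Label a bind address by how far beyond the host it is reachable."""
    addr = ipaddress.ip_address(ip)
    if addr.is_loopback:
        return "local-only"
    if addr.is_unspecified:
        return "all-interfaces"
    return "lan-interface" if addr.is_private else "public-interface"

def audit_listeners(proc_net_tcp, port=COMFYUI_PORT):
    """Return one finding per LISTEN socket on `port`."""
    findings = []
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 8 or fields[3] != TCP_LISTEN:
            continue
        hex_ip, hex_port = fields[1].split(":")
        if int(hex_port, 16) != port:
            continue
        exposure = classify(decode_ipv4(hex_ip))
        findings.append({"bind": decode_ipv4(hex_ip), "uid": int(fields[7]),
                         "exposure": exposure,
                         "reachable_off_host": exposure != "local-only"})
    return findings

if __name__ == "__main__":
    with open("/proc/net/tcp") as table:  # Linux only; IPv6 is in tcp6
        for finding in audit_listeners(table.read()):
            print(finding)
```

A finding with `reachable_off_host` set to true means the instance depends entirely on firewalling or an authenticating proxy in front of it, so that is where to check next.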