Malicious Node on ComfyUI Steals Data from Crypto, Browser Users

Cryptocurrency users beware: A malicious ComfyUI node steals sensitive data like passwords, crypto wallet addresses, etc. Stay safe by using reputable sources and enabling two-factor authentication.

Cryptocurrency enthusiasts, beware! Security researchers at VPNMentor have reported a malicious custom node on the popular Stable Diffusion user interface_,_ ComfyUI to steal sensitive data like passwords, credit card details, and crypto wallet addresses.

According to VPNMentor’s report shared with Hackread.com, this malicious custom node, dubbed “ComfyUI_LLMVISION,” has been uploaded by a user named “u/AppleBotzz” on Reddit, and is potentially putting users at risk by stealing sensitive data.

Another Reddit user, u/_roblaughter_, discovered and reported it after noticing login attempts on their accounts after installing the compromised node.

For your information, the ComfyUI interface is designed for workflow customization and productivity enhancement, enhancing user experience and productivity when working with the powerful AI text-to-image generation model. It, by default, uses Python-built mini-programs called custom nodes to extend its functionality, automate tasks, perform computations, or connect to external services not natively supported by ComfyUI.

“ComfyUI_LLMVISION” presents itself as a user-friendly ComfyUI extension but in reality, it is programmed to steal sensitive data like passwords, credit card details, and browsing history, and transfer it to the attacker’s Discord server.

According to VPNMentor’s investigation, ComfyUI_LLMVISION’s installation on ComfyUI forces the Python package manager to install several packages, including malicious versions of OpenAI and anthropic Python.

Within these limitations, a function runs an encoded PowerShell command, which downloads the third stage of the malware and runs it. The second stage can steal crypto wallets, screenshot the user’s screen, steal device information, get IP info, and steal files with specific keywords or extensions.

It becomes hard to detect since it is concealed within custom install files for OpenAI and Anthropic libraries. However, it must be noted that ComfyUI remains secure.

The incident highlights the need for caution when integrating third-party components into AI workflows. Recent developments, like the sale of FraudGPT or WormGPT and hijacked Bing chat responses, show the versatile nature of risks associated with AI advancements.

To protect against risks associated with open-source, third-party AI tools, exercise caution when downloading and installing custom nodes or extensions, prefer reputable repositories and developers, regularly scan systems for malware, and use strong, unique passwords for all online accounts. Enabling two-factor authentication can further enhance security.

1. VMCONNECT: Malicious PyPI Package Mimick Python Tools
2. AMOS Stealer Variant Targets Safari Cookies, Crypto Wallets
3. New Malware “BunnyLoader 3.0” Steals Credentials and Crypto
4. Python in Threat Intelligence: Analyzing, Mitigating Cyber Threats
5. JaskaGO Malware Targets Mac, Windows for Crypto, Browser Data