Jun 11, 2024 16:00:00

It was discovered that a keylogger had been installed in the node of the image generation software 'ComfyUI', and all inputs such as credit card information and passwords were leaked

It was discovered that one of the nodes 'ComfyUI_LLMVISION' created for the node-based image generation software '

ComfyUI ' was infected with malware. After this discovery, the GitHub repository for ComfyUI_LLMVISION was deleted.

Creator Rob Laughter shared on Reddit that if you install and use ComfyUI_LLMVISION, your browser passwords, credit card information, and browsing history will be sent to a Discord server via webhook.

Rafter himself was also affected, and about a week after installing ComfyUI_LLMVISION, he began receiving a large number of 'malicious login notifications' from many services.

ComfyUI is an AI execution interface that can perform various functions by combining nodes, and there are various nodes made for ComfyUI. ComfyUI_LLMVISION was a node that specifically advertised 'integration of GPT-4 and Claude 3.'

According to Rafter, the ComfyUI_LLMVISION node's 'requirements.txt' contains custom wheels for the OpenAI and Anthropic libraries, and these wheels contain malicious code.

The wheels are labeled '1.16.2' or '1.30.2' and you can download them, unzip them and see what's inside.

If the wheel is 1.16.2, the package contains '/lib/browser/admin.py', which reads browser data and saves it in a subdirectory called pre_XXXX_suf in the temp directory. In this subdirectory, there are C.txt and F.txt files for Chrome and Firefox, which contain encrypted strings. When decrypted, it turns out to be a Discord webhook: 'https://discord.com/api/webhooks/1226397926067273850/8DRvc59pUs0E0SuVGJXJUJSwD_iEjQUhq-G1iFoe6DjDv6Y3WiQJMQONetAokJD2nwym'. According to Rafter, this file sends user data to the above webhook.

If 1.30.2 is installed, you will find 'openai/_OAI.py' inside. There are two encrypted strings inside, which are Pastebin links. The first Pastebin link is an encrypted string, which when decrypted reveals another Discord webhook: 'https://discord.com/api/webhooks/1243343909526962247/zmZbH3D5iMWsfDlbBIauVHc2u8bjMUSlYe4cosNfnV5XIP2ql-Q37hHBCI8eeteib2aB'. The second link contains the URL of a potentially malicious file, 'VISION-D.exe', which is downloaded and executed by the script.

If you remember installing ComfyUI_LLMVISION and want to check if you are affected, check C:\Users\username\AppData\Local\Temp, look for a directory with the format 'pre_XXXX_suf', and check if there is a 'C.txt' and 'F.txt' inside. If it exists, your data is at risk.

In addition, data may be at risk if the following packages are present in 'python_embeddedsite-packages'.
・openai-1.16.3.dist-info
・anthropic-0.21.4.dist-info
・openai-1.30.2.dist-info
anthropic-0.26.1.dist-info

Alternatively, if you check the Windows Registry under 'HKEY_CURRENT_USER' and see that the FunctionRun value is set to 1, your data may also be compromised.

As far as Rafter knows, the only solutions to this issue are to remove the package, delete the key in the Windows registry, delete the following file, or run a malware scan:
・lib/browser/admin.py
・lib/browser/admin.py
・Fadmino.py
・VISION-D.exe

'From now on, I will be more careful with all custom nodes and extensions I install. I never thought this community would be scare-free, but it seems some do. The creators are shit.'