Impact-Pack, a popular plug-in in the ComfyUI community, was recently discovered to have serious security vulnerabilities. The Ultralytics package (versions 8.3.41 and 8.3.42) it relies on was implanted with a cryptocurrency mining virus. The virus runs in the background, consumes a lot of system resources, and automatically deletes its own files to evade detection. Due to the popularity of Impact-Pack, many users may have been affected. This incident has attracted widespread attention and once again reminded users to pay attention to software security.
Recently, Impact-Pack, a popular plug-in in the ComfyUI community, was found to be affected by a serious security incident: the Ultralytics package it depends on (versions 8.3.41 and 8.3.42) had been implanted with a cryptocurrency mining virus by attackers.
Since Impact-Pack is a plug-in that almost every user has installed, many people may have been affected. The maliciously modified Ultralytics package automatically downloads and executes a malicious program, which connects to the suspicious mining pool address (connect.consrensys.com:8080) to perform mining operations. The miner runs silently in the background, consuming large amounts of system resources, and deletes its own executable files to evade detection.
At present, it is unclear how the attacker compromised the package, and there is no clear evidence that other packages have been affected by the same attack. Some developers suspect that the incident may be related to an insider leak. Fortunately, the compromise only involves the Ultralytics package published on PyPI (the official Python package repository). Users can install the dependency directly from GitHub, or use the fixed version 8.3.43, to keep their systems safe.
Because the infection is hard to notice, the official advisory recommends that all affected users immediately uninstall the problematic plug-ins and dependent packages and run a system security scan to make sure the malicious files are removed. In addition, users should choose plug-in sources carefully and follow official updates promptly to avoid similar attacks in the future.
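A defender's check for the two concrete facts the article gives (the compromised release numbers and the mining pool host), written here as an added example rather than anything published by ComfyUI, Impact-Pack or Ultralytics; it assumes a normal pip-installed environment and relies only on the package metadata Python itself exposes:

```python
import importlib.metadata
import tempfile
from pathlib import Path

# Releases the article reports as compromised; 8.3.43 is the fixed release.
AFFECTED_VERSIONS = {"8.3.41", "8.3.42"}
# Host of the mining pool address quoted in the article.
IOC_HOST = "connect.consrensys.com"

def parse_version(ver):
    """'8.3.41' -> (8, 3, 41) so releases compare numerically; non-numeric tags are ignored."""
    return tuple(int(part) for part in ver.split(".") if part.isdigit())

def is_affected_version(ver):
    """True if ver is one of the releases the article lists as compromised."""
    return parse_version(ver) in {parse_version(v) for v in AFFECTED_VERSIONS}

def scan_files_for_ioc(paths, ioc=IOC_HOST):
    """Return the paths whose text contains the indicator; unreadable files are skipped."""
    hits = []
    for path in map(Path, paths):
        try:
            text = path.read_text(encoding="utf-8", errors="ignore")
        except OSError:
            continue
        if ioc in text:
            hits.append(path)
    return hits

def audit_environment():
    """Check the live environment: installed version plus a scan of its .py files."""
    report = {"installed": None, "affected": False, "ioc_files": []}
    try:
        dist = importlib.metadata.distribution("ultralytics")
    except importlib.metadata.PackageNotFoundError:
        return report  # not installed: nothing to check
    report["installed"] = dist.version
    report["affected"] = is_affected_version(dist.version)
    # dist.files lists every installed file; locate() resolves it to an on-disk path
    py_files = [f.locate() for f in (dist.files or []) if f.name.endswith(".py")]
    report["ioc_files"] = [str(p) for p in scan_files_for_ioc(py_files)]
    return report

def demo_scan():
    """Constructed sample (not real package files): one clean module, one embedding the host."""
    with tempfile.TemporaryDirectory() as tmp:
        Path(tmp, "clean.py").write_text("print('hello')\n")
        Path(tmp, "tainted.py").write_text(f"POOL = 'http://{IOC_HOST}:8080'\n")
        return [p.name for p in scan_files_for_ioc(sorted(Path(tmp).glob("*.py")))]
```

`audit_environment()` reports `affected` for the two listed releases only, so a pinned requirement such as `ultralytics==8.3.43` or a GitHub install passes the version check but still gets its files scanned.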
Source: https://comfyui-wiki.com/zh/news/2024-12-05-comfyui-impact-pack-virus-alert
This incident once again reminds us that we must be cautious when installing and using software, choose reliable software sources, and update software versions in a timely manner to minimize security risks. It is hoped that the ComfyUI community can fix the vulnerability as soon as possible and strengthen security protection measures to ensure the safety of users.