A crypto miner was found in some versions of the ultralytics pip package.
Who is affected?
People who installed versions v8.3.41 or v8.3.42 of the ultralytics pip package on Mac or Linux. Windows is not affected: my analysis of the compromised ultralytics package shows that the miner is only downloaded on Mac and Linux, most likely because the attack was targeted at servers rather than regular users.
Ultralytics is not a core ComfyUI dependency, but it is a dependency of some very popular custom nodes such as the ComfyUI-Impact-Pack. One of the compromised versions might have been installed if you installed a new version of a node that depends on it. Simply updating custom nodes usually does not update their dependencies, so only people who did a fresh install of such a node while the compromised packages were up are likely affected.
You can check whether you are affected by updating the ComfyUI manager, which has been updated to check for these dependencies and warn the user, or by manually checking whether you have v8.3.41 or v8.3.42 installed with: pip show ultralytics
What does it do?
The compromised ultralytics package downloads a binary (a crypto miner) to /tmp/ultralytics_runner on Mac and Linux and executes it.
How do I get rid of it?
Kill the /tmp/ultralytics_runner process, delete the file and make sure you have removed all compromised versions of the ultralytics package. The low sophistication of this attack leads me to believe that this is probably all you need to do to get rid of it, but don't quote me on this.
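To make the manual check and cleanup above repeatable on a Linux or Mac box, here is a small POSIX sh script I added for this post (it is not code from ComfyUI or ultralytics). It reads the version pip reports, compares it against the two compromised releases, and looks for the dropped /tmp/ultralytics_runner file or a process running from it; it assumes pip is on PATH and uses pgrep only if present.

```shell
#!/bin/sh
# Added example, not ComfyUI's or ultralytics' own code. Reports whether one of
# the two compromised ultralytics releases is installed and whether the dropped
# miner binary is present or running. Assumes pip is on PATH; pgrep is optional.

COMPROMISED_VERSIONS="8.3.41 8.3.42"   # releases named in the advisory
MINER_PATH="/tmp/ultralytics_runner"   # drop path named in the advisory

# is_compromised_version VERSION -> 0 if VERSION (with or without a leading v) is bad
is_compromised_version() {
    ver="${1#v}"
    for bad in $COMPROMISED_VERSIONS; do
        [ "$ver" = "$bad" ] && return 0
    done
    return 1
}

# version_from_pip_show: reads `pip show` output on stdin, prints the Version field
version_from_pip_show() {
    awk '/^Version:/ { print $2 }'
}

# miner_artifacts_present [PATH] -> 0 if the file exists or a process runs from it
miner_artifacts_present() {
    path="${1:-$MINER_PATH}"
    [ -e "$path" ] && return 0
    command -v pgrep >/dev/null 2>&1 && pgrep -f "$path" >/dev/null 2>&1
}

# check_host -> non-zero when a compromised release or the miner is found
check_host() {
    status=0
    ver="$(pip show ultralytics 2>/dev/null | version_from_pip_show)"
    if [ -z "$ver" ]; then
        echo "ultralytics: not installed for this pip"
    elif is_compromised_version "$ver"; then
        echo "ultralytics $ver: COMPROMISED release; pin to 8.3.40 (confirmed safe)"
        status=1
    else
        echo "ultralytics $ver: not one of the compromised releases"
    fi
    if miner_artifacts_present; then
        echo "$MINER_PATH present or running: kill the process and delete the file"
        status=1
    fi
    return $status
}

# Run the check only when invoked as: sh check_ultralytics.sh --run
case "${1:-}" in --run) check_host ;; esac
```

Run it with the same pip (or virtual environment) that ComfyUI uses, otherwise it reports on the wrong installation.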
How are we responding?
The ComfyUI manager was updated to flag and warn the user if they have a compromised version of the package. It will also automatically pin the ultralytics version to 8.3.40, which has been confirmed to be safe.
The desktop app has been updated with the latest version of the ComfyUI manager.
We are planning to implement some sandboxing in our desktop app in the future to better protect against these types of attacks. One sandboxing solution we are looking at is: https://learn.microsoft.com/en-us/windows/win32/secauthz/app-isolation-overview
I would like to thank everyone for their swift action in detecting and mitigating this issue.
If you have any concerns or questions, feel free to reach out to us via email, Matrix or Discord.
A Linux exploit.
A Windows 11 exclusive sandboxing feature.
And, of the Windows users, around half are probably using Windows 10.
...
K ... good luck everyone else I guess.