Upscaler-4K Malicious Node Pack Post Mortem
Banned from Comfy Registry 4 days after publication
Summary
Between October 17th and 19th, 2024, a malicious actor uploaded two node packs to the Comfy Registry containing the malware. Following a flag from an automated security scanner and manual review by the Registry team, the malicious versions were banned on October 21st. Before the ban was implemented, these nodes were downloaded a total of 790 times.
The Timeline of Events
Oct 17 – Oct 19, 2025: Two node packs were published to the registry by the user
lonemilk:lonemilk-upscalernew-4kupscaler-4k
Oct 19, 2025: A third, similar-sounding pack (
ComfyUI-Upscaler-4K) was created by usereliseiborisov.Oct 21, 2025, 5:00 PM PST: An internal security scanner flagged suspicious code patterns in the
lonemilkpackages.Oct 21, 2025, evening: Registry maintainer Dr.Lt.Data reviewed the code and confirmed the malware.
Oct 21, 2025: All published versions of the malicious nodes were banned from the Comfy Node Registry (CNR).
Here is a screenshot showing the node packs banned in our database
Since it is still available for install through the Manager, is the EliseiBorisov Comfy-Upscaler-4K node clean?
Actually, I just checked and LoneMilk Upscaler 4K is also available for install. Am I out-of-date somewhere?