Beware of AI Pickpockets: Pickai Backdoor Spreading Through ComfyUI Vulnerability

June 13, 2025, 8:29 a.m.

Description

A new backdoor named Pickai is exploiting ComfyUI vulnerabilities to spread and steal sensitive AI data. Developed in C++, Pickai offers remote command execution and reverse shell capabilities with strong persistence and evasion techniques. It uses multiple C2 servers for redundancy and has infected nearly 700 devices globally. The malware is hosted on Rubick.ai, an AI e-commerce platform serving major brands, posing significant supply chain risks. Pickai employs various obfuscation methods, including string encryption, process disguise, and multiple persistence mechanisms. Its C2 communication and device information reporting follow a three-tier timing strategy.

Date

  • Created: June 13, 2025, 7:48 a.m.
  • Published: June 13, 2025, 7:48 a.m.
  • Modified: June 13, 2025, 8:29 a.m.

Indicators

  • 80.75.169.227
  • 195.43.6.252
  • 38.180.207.9
  • 154.68.72.34
  • 102.214.30.199
  • https://rubick.ai/wp-content/vim.json
  • https://rubick.ai/wp-content/tmux.conf
  • http://78.47.151.49:8878/wp-content/x64
  • https://rubick.ai/wp-content/config.json

Attack Patterns

Additional Information

  • Retail
  • Technology
  • China
  • Germany
  • United States of America