⚠️ Malware Infecting unsecured Node-RED servers


There have been a growing number of reports of unsecured instances of Node-RED having a crypto-mining flow automatically deployed on them.

This is a result of exposing Node-RED on the internet without having applied any security - something we strongly advise against.

If you have been affected, the only safe option is to wipe and reinstall the server/device running Node-RED.

You must also ensure you properly secure Node-RED. At a bare minimum, you should enable adminAuth as described in the documentation.

There is more information about best practices when exposing Node-RED on the Internet here.


Node Red create Flows "automatically"
Help! How Fix it i got bitcoin mulware
Securing Node-Red
OPC UA Client Browse Action has no attributes
Red-node Crashs
made this a banner . It will appear at the top of every page until it is dismissed by the user. #2

removed this banner . It will no longer appear at the top of every page. #3