Back to the Blog Main Page
20/08/24
65
Beware ‘Bull Checker’: New Chrome Extension Targets Solana Users with Wallet Draining Scheme
Jupiter, a decentralized exchange aggregator, has recently announced the discovery of a dangerous browser extension that has targeted users within the Solana ecosystem. Named “Bull Checker,” this malicious Google Chrome extension lured potential victims by masquerading as a tool designed to display the holders of specific memecoins. Unfortunately, the extension has already succeeded in draining the wallets of multiple users.
In a recent advisory, the founder of Jupiter indicated that “Bull Checker” was capable of evading detection by appearing to operate normally during Solana simulation checks. Despite its deceptive appearance, the extension functions as a wallet drainer, silently siphoning funds from unsuspecting users. After installation, it waits for users to engage with legitimate decentralized applications (DApps) before altering the transaction details to redirect funds to an unauthorized wallet.
The extension requests extensive permissions from users, specifically the ability to “read and write” data. This should raise immediate concerns, as legitimate wallet-checking extensions typically require only “read-only” access. Despite these warnings, many users have continued to install and utilize the extension without recognizing the inherent risks.
As users interact with DApps, everything may seem normal; however, their tokens can be surreptitiously transferred to another wallet without their knowledge at the time of transaction completion. Although one user claimed to have earned $3,000 in just a week using the malicious extension, they did not elaborate on the details.
Jupiter has reassured its community that its investigation found no vulnerabilities in any major DApps or wallets on the Solana network. This incident follows a troubling period for the Solana community, marked by the recent shutdown of the Cypher Protocol due to an estimated $1 million exploit and further concerns surrounding the security of memecoin-related activities.
Promotions
