Connect with us

Hi, what are you looking for?

Economy

Chrome Extension “Bull Checker” Steals Tokens from Solana DeFi Users

Decentralized trading platform Jupiter Exchange has recently published a detailed report on how Chrome Extension Bull Checker has been stealing tokens from Solana DeFi users over the past few weeks. Over the last week, several users reported losing the tokens leading to a detailed investigation.

Stop Using Chrome Extension Bull Checker

As reported by Jupiter Exchange, the Bull Checker Chrome Extension targeted several users on the Solana DeFi-related subreddits. Besides, it also allowed users to interact with decentralized applications (dApps) as usual, with transactions looking absolutely normal during simulations. However, after completing the transactions, the Chrome extension would maliciously transfer tokens to another wallet without the user’s knowledge.

Thus, Jupiter Exchange confirmed that there’s no vulnerability within the wallets or the dApps themselves, thereby confirming that the issue is solely due to the Bull Checker extension. Although the extension was supposed to be a read-only tool for viewing memecoin holders, it had permission to read and modify data across all websites, a major red flag overlooked by its users. The Jupiter Exchange added:

“After installing Bull Checker, it will wait till a user interacts with a regular dApp on the official domain, before modifying the transaction sent to the wallet to sign. After modification, the simulation result will still be “normal” and not appear to be a drainer”.

“If you have this extension (or similar extensions with extensive permissions you cannot trust), please remove it immediately,” noted Jupiter Exchanges.

Identification Of Malicious Extension Over the last week, we received reports that a small number of users using Solana DeFi got drained.

After extensive investigation, we have identified a malicious Chrome extension called “Bull Checker” that had targeted users on several… pic.twitter.com/pubayfmD9h

— Jupiter (@JupiterExchange) August 19, 2024

Targeting Solana DeFi and Memecoin Traders

As per the investigation, Reddit account Solana_OG publicized the Chrome extension that was targeting Solana memecoin traders. This account lured the traders into downloading the extensions with the intent of stealing their assets.

Examples of affected transactions reveal that Bull Checker added malicious instructions to legitimate Jupiter and Raydium instructions, leading to the unauthorized transfer of tokens and authority to a malicious address. DeFi protocol Raydium has verified that at least one affected user was using the Bull Checker extension.

Jupiter Exchange has thus advised users to remove other similar extensions with extensive, untrusted permissions, and thus protect their assets. On the other hand, the CBOE removed the 19b-4 application from its website at the SEC’s request thereby reducing the possibility of a Solana ETF in the market.

The post Chrome Extension “Bull Checker” Steals Tokens from Solana DeFi Users appeared first on CoinGape.

You May Also Like

Investing

Fisker (NYSE: FSR) stock price has been one of the best-performing electric vehicle (EV) stocks this week even as Tesla slumped. The shares jumped...

Investing

Newmont (NYSE: NEM) reported mixed financial results even as the price of gold approached its all-time high. In all, the company’s earnings per share...

Investing

The Fox Corporation (NASDAQ: FOX) stock price has been under pressure as investors come to terms with the abrupt firing of Tucker Carlson. The...

Investing

NatWest (LON: NWG) share price rose sharply, helped by the strong results from Barclays. The stock jumped to a high of 274.8p, which was...




Disclaimer: Oldamericanbroker.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the-company.


Copyright © 2024 Oldamericanbroker.com