The Jupiter exchange has issued a warning regarding a malicious Chrome extension named “Bull Checker”, which is reportedly targeting Solana users. This alert follows several complaints from Solana decentralized finance (DeFi) users about their crypto wallets being drained.
Identification of Malicious Extension
In an August 19 post, the Jupiter team shared that they conducted extensive investigations into these complaints and identified the Bull Checker extension as the culprit. Reports indicate that a small number of Solana DeFi users were affected by this malicious extension.
Over the last week, we received reports that a small number of users using Solana DeFi got drained. After extensive investigation, we have identified a malicious Chrome extension called βBull Checkerβ that had targeted users on several platforms.
According to the team, Bull Checker targeted members of various Solana subreddits. Although the extension allowed users to interact normally with decentralized applications (dApps) on Solana, it discreetly added malicious instructions to transactions, transferring usersβ tokens to another address.
When installed, Bull Checker requests permission to read and change all data on the website, which the Jupiter team pointed out is unnecessary for a read-only extension. Despite this red flag, several users continued to install and use the extension.
Promotion and Distribution
The extension was allegedly promoted by an anonymous Reddit user with the pseudonym βSolana_OG.β This user targeted members of different Solana subreddits, encouraging them to download the extension, claiming to have made $3,000 in a week by using it.
As of now, the extension appears to have been removed from the Chrome Web Store, displaying a notice that it is no longer available. However, the Jupiter exchange team advises users to remain vigilant for similarly malicious extensions. They recommend being cautious of extensions that ask for “read” and “change” permissions.
Jupiter also warned users to be wary of all recommendations and popular tools, as scammers may employ social engineering tactics to gain the confidence of potential victims.
The Jupiter exchange reassured users that no vulnerabilities were found in any major dApps or wallets on Solana during their investigations. Stay informed and cautious to protect your crypto assets.
For more updates on cryptocurrency news, continue exploring Global Crypto News.