Malicious Chrome Extension ”Bull Checker” Bypasses Solana Security, Drains User Wallets
Join
Our
Telegram
channel
to
stay
up
to
date
on
breaking
news
coverage
Decentralized
exchange
aggregator
Jupiter
has
issued
a
warning
to
users
about
a
malicious
Chrome
extension
called
“Bull
Checker”
that
has
successfully
bypassed
Solana
security
measures
and
drained
the
wallets
of
several
users.
According
to
an
Aug.
20
post
by
Jupiter’s
pseudonymous
founder
Meow,
the
extension
targets
Solana
users
on
Reddit
and
is
falsely
promoted
as
a
tool
to
view
specific
meme
coin
holders.
Bull
Checker
Extension
Able
To
get
Past
Solana
Drainer
Checks
Meow
said
the
extension
was
able
to
bypass
Solana
simulation
checks
to
“appear
normal.”
He
subsequently
urged
his
followers
to
immediately
remove
the
browser
add-on
if
they
installed
it.
Over
the
past
few
days,
our
team
and
mods
headed
by
@0xSoju
&
@0xYankee
have
spent
endless
hours
trying
to
find
out
the
root
cause
of
some
attacks
on
Solana
DeFi
users.With
the
help
of
@offside_labs,
@blowfishxyz
&
others,
we
have
identified
a
malicious
extension
called “Bull…
https://t.co/jmzOWKE7P8
pic.twitter.com/KKiHJhI7dx—
meow
喵
(@weremeow)
August
19,
2024
Users
of
the
extension
can
interact
with
decentralized
applications
as
they
usually
would.
With
each
transaction
on
the
decentralized
applications,
the
simulation
would
appear
normal
as
well.
However,
users
run
the
risk
of
having
their
tokens
transferred
to
another
wallet
when
the
transaction
is
completed.
Meow
said
that
the
Bull
Checker
extension
would
ask
users
to
accept
“read
and
write”
data,
and
added
that
a
legitimate
wallet-monitoring
extension
would
only
ever
ask
for
“read-only”
permission.
Amount
Of
Crypto
Lost
To
Hacks
Has
Almost
Doubled
Since
The
Start
Of
2024
The
investigation
found
that
the
Reddit
account
Solana_OG
was
marketing
the
malicious
Chrome
extension.
Examples
of
transactions
that
were
tampered
with
reveal
that
Bull
Checker
added
its
own
custom
instructions
to
legitimate
Jupiter
and
Raydium
transactions.
This
led
to
the
unauthorized
transfer
of
tokens
and
authority
to
a
malicious
address.
This
Bull
Checker
exploit
is
part
of
the
growing
number
of
scams
and
hacks
in
the
crypto
space
this
year.
A
report
by
Chainalysis
revealed
that
the
value
of
crypto
that
has
been
lost
to
hacks
has
nearly
doubled
to
$1.6
billion
in
just
the
first
7
months
of
2024.
The
surge
in
crypto-related
crimes
is
due
to
the
rising
value
of
cryptos
since
the
start
of
the
year,
the
report
said.
Related
Articles:
PlayDoge
(PLAY)
–
Newest
ICO
On
BNB
Chain
-
2D
Virtual
Doge
Pet -
Play
To
Earn
Meme
Coin
Fusion -
Staking
&
In-Game
Token
Rewards -
SolidProof
Audited
–
playdoge.io
Join
Our
Telegram
channel
to
stay
up
to
date
on
breaking
news
coverage
Comments are closed.