Chrome Extension “Bull Checker” Steals Tokens from Solana DeFi Users

Bhushan Akolkar
August 20, 2024 Updated May 28, 2025
Why Trust CoinGape
CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights to our readers. Our journal analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.

Highlights

  • Chrome extension Bull Checker had the permission to read and modify user data across different websites.
  • The extension also added unauthorized instructions to legitimate transactions.
  • Decentralized exchange Jupiter has advised Solana DeFi users to uninstall the extension immediately.

Decentralized trading platform Jupiter Exchange has published a detailed report on how the Chrome extension Bull Checker has been stealing tokens from Solana DeFi users over the past few weeks. Over the last week, several users reported losing tokens, which led to a detailed investigation.


Stop Using Chrome Extension Bull Checker

As reported by Jupiter Exchange, the Bull Checker Chrome extension targeted several users on Solana DeFi-related subreddits. The extension allowed users to interact with decentralized applications (dApps) as usual, and transactions looked absolutely normal during simulations. However, after the transactions were completed, the Chrome extension would maliciously transfer tokens to another wallet without the user’s knowledge.

Jupiter Exchange confirmed that there is no vulnerability within the wallets or the dApps themselves and that the issue is solely due to the Bull Checker extension. Although the extension was supposed to be a read-only tool for viewing memecoin holders, it had permission to read and modify data across all websites, a major red flag overlooked by its users. Jupiter Exchange added:

“After installing Bull Checker, it will wait till a user interacts with a regular dApp on the official domain, before modifying the transaction sent to the wallet to sign. After modification, the simulation result will still be “normal” and not appear to be a drainer”.

“If you have this extension (or similar extensions with extensive permissions you cannot trust), please remove it immediately,” noted Jupiter Exchange.
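
The permission red flag described above can be checked from an extension's manifest.json. The following is an added example, not code from Jupiter Exchange or from the extension: it flags manifests that request access to every website, using constructed sample manifests and the hypothetical names "holder-viewer" and "single-site-helper".

```python
import json
from pathlib import Path

# Chrome match patterns that cover every website.
ALL_SITES = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
HOST_KEYS = ("permissions", "host_permissions", "optional_host_permissions")

def broad_host_access(manifest):
    """Return {manifest field: [patterns]} for every all-sites grant."""
    findings = {}
    for key in HOST_KEYS:  # MV2 keeps hosts in "permissions", MV3 in "host_permissions"
        hits = sorted(p for p in manifest.get(key, [])
                      if isinstance(p, str) and p in ALL_SITES)
        if hits:
            findings[key] = hits
    for i, script in enumerate(manifest.get("content_scripts", [])):
        hits = sorted(m for m in script.get("matches", []) if m in ALL_SITES)
        if hits:
            findings[f"content_scripts[{i}].matches"] = hits
    return findings

def audit(manifests):
    """manifests: {name: manifest JSON text}. Return names with all-sites access."""
    return sorted(n for n, text in manifests.items()
                  if broad_host_access(json.loads(text)))

def load_profile(extensions_dir):
    """Read manifests from a Chrome profile's Extensions/<id>/<version>/ folders."""
    return {str(p.parent): p.read_text(encoding="utf-8-sig")
            for p in Path(extensions_dir).glob("*/*/manifest.json")}

# Constructed sample manifests (not taken from any real extension).
SAMPLE = {
    "holder-viewer": json.dumps({
        "manifest_version": 3, "name": "Holder Viewer",
        "permissions": ["storage"],
        "host_permissions": ["<all_urls>"],
        "content_scripts": [{"matches": ["*://*/*"], "js": ["inject.js"]}],
    }),
    "single-site-helper": json.dumps({
        "manifest_version": 3, "name": "Single Site Helper",
        "permissions": ["storage", "activeTab"],
        "host_permissions": ["https://example.com/*"],
    }),
}

if __name__ == "__main__":
    for name in audit(SAMPLE):
        print(name, broad_host_access(json.loads(SAMPLE[name])))
```

To review a real browser profile, pass the path of its Extensions folder to load_profile() and feed the result to audit(); a flagged extension is one to review against its stated purpose, not proof of malice.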


Targeting Solana DeFi and Memecoin Traders

According to the investigation, the Reddit account Solana_OG publicized the Chrome extension, which targeted Solana memecoin traders. This account lured traders into downloading the extension with the intent of stealing their assets.

Examples of affected transactions reveal that Bull Checker added malicious instructions to legitimate Jupiter and Raydium instructions, leading to the unauthorized transfer of tokens and authority to a malicious address. DeFi protocol Raydium has verified that at least one affected user was using the Bull Checker extension.

Jupiter Exchange has thus advised users to remove other similar extensions with extensive, untrusted permissions in order to protect their assets. Separately, the CBOE removed the 19b-4 application from its website at the SEC’s request, thereby reducing the possibility of a Solana ETF in the market.

Investment disclaimer: The content reflects the author’s personal views and current market conditions. Please conduct your own research before investing in cryptocurrencies, as neither the author nor the publication is responsible for any financial losses.
Ad Disclosure: This site may feature sponsored content and affiliate links. All advertisements are clearly labeled, and ad partners have no influence over our editorial content.

About Author
Bhushan is a seasoned crypto writer with over eight years of experience spanning more than 10,000 contributions across multiple platforms like CoinGape, CoinSpeaker, Bitcoinist, Crypto News Flash, and others. Being a Fintech enthusiast, he loves reporting across Crypto, Blockchain, DeFi, and Global Macros with a keen understanding of financial markets.

He is committed to continuous learning and stays motivated by sharing the knowledge he acquires. In his free time, Bhushan enjoys reading thriller fiction novels and occasionally explores his culinary skills. Bhushan has a bachelor’s degree in electronics engineering; however, his interest in finance and economics drives him to crypto and blockchain.