🔥Early Access List: Land A High Paying Web3 Job In 90 Days LEARN MORE

Solana DeFi users hit by malicious ‘Bull Checker’ extension

In this post:

  • Jupiter reported a malicious browser extension, ‘Bull Checker,’ targeting Solana users.
  • The extension drained users’ wallets by moving tokens during regular dApp interactions.
  • Jupiter urges users to uninstall any extensions with read and change permissions immediately.

Jupiter’s latest report flagged a new malicious browser extension that has allegedly drained several Solana users’ wallets. After an extensive investigation, the decentralized exchange aggregator identified the extension called ‘Bull Checker’ targeting Solana-related subreddits.

Rapid action comes into play by the DEX as the reports of a small number of users using Solana DeFi got drained over the last week.

Jupiter red flags ‘Bull Checker’

Pseudonymous Jupiter founder Meow mentioned in an X post that a team headed by the platform spent long hours trying to figure out the root cause of some attacks on Solana DeFi users. They found out that ‘Bull Checker’ was targeting Reddit users on Solana and other subreddits.

The report suggests that users with this extension were interacting with dApps normally but carried the possibility of their tokens being maliciously moved to another wallet upon transaction completion. It added that no vulnerability was found in any of the dapps or wallets.

It advised the users who are still using the extension or extensions with extensive permissions out of reach to be removed immediately. The investigation found that the ‘Bull Checker’ holds permission to read and change all the data on the website. This turns out to be a potential cause.

See also  Monochrome Asset Management files for 'Australia’s first' spot Ether ETF

The report highlighted that Raydium has confirmed that their affected user has the same extension installed. However, the malicious browser extension was supposed to be a read-only extension that allowed users to view the holders of meme coins. It added that there should be no need for an extension like this to read or write data on all websites. Several users continued to install and use the extension.

Meow issues advisory

Meow advised that one malicious extension has been identified for now, but there might still be other such extensions that can impact the users. More reports of drains have not been able to be tracked down. If a user suspects an extension has both read and change permissions, uninstall it immediately. Don’t fall for hype; just because something gets upvotes on Reddit doesn’t make it safe, it added.

This comes at a time when Solana based meme coins were having a hard time in the market. DogWifHat (WIF) price saw a decline of 37% in the last 30 days, and BONK price has dropped by around 40% in the same period.

See also  Ripple CEO: 'Japan’s leaders are committed to advancing crypto'

Solana (SOL) and Jupiter (JUP) prices have also seen a plunge of 15% and 22% over the last month impacting its entire ecosystem. SOL is trading at an average price of $147.11, at press time. Its 24-hour trading volume is up by 10% to stand at $2.29 billion.

Share link:

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

Donald Trump pledges 100% tariff on countries abandoning the dollar
Cryptopolitan
Subscribe to CryptoPolitan

Interested in launching your Web3 career and landing a high-paying job in 90 days?

Leading industry experts show you how with this bran new course: Crypto Career Launchpad

Join the early access list below and be the first to know when the course opens its doors. You’ll also save $100’s off the regular launch price.