Solana Users Targeted with Malicious Chrome Extension

As a researcher with years of experience in the cryptocurrency space, I’ve seen my fair share of scams and malicious activities. The latest one to catch my eye is this “Bull Checker” Chrome extension that has been preying on unsuspecting users, particularly those in Solana-based decentralized exchange communities.


The Solana-linked, decentralized exchange collector Jupiter has alerted users regarding a harmful Chrome add-on named “Bull Checker.”

Multiple Reddit communities associated with a well-known “competitor of Ethereum” have been deliberately focused on by a misleading browser add-on.

“Bull Checker” appears as a seemingly harmless, read-only add-on designed primarily for users to verify their digital currencies.

Instead, it’s important to note that the true intent of this add-on is to deceive innocent users into moving their assets to a different digital wallet.

It is worth noting that “Blue Checker” can read and change all your data on a website. This should be treated as a major red flag since such an extension would not normally need this sort of permission. 

1. The extension successfully emptied its victims’ wallets by altering transactions within a decentralized app (dApp). These unconfirmed transactions were sent to a distant server, where they were processed by a drainage software.

As someone who has been actively involved in the world of cryptocurrency for several years now, I can confidently say that the recent surge in popularity of meme coins like Dogecoin and Shiba Inu has caught my attention. However, my excitement was quickly dampened when I learned about the malicious extension that specifically targeted Reddit users interested in trading these types of digital assets. Having experienced my fair share of cyber threats in this field, I can’t help but feel a sense of caution whenever new trends emerge. It’s always important to stay vigilant and prioritize security measures when investing or trading cryptocurrencies.

Although “BlueChecker” has been revealed as a fraud, it’s possible that other deceptive browser extensions remain undetected. Therefore, it’s crucial for users to remain cautious and uninstall any extensions that seem suspicious, particularly those requiring excessive permissions.

As someone who has been a long-time user of Google Chrome and a cryptocurrency enthusiast, I can’t help but feel a sense of unease after hearing about the malicious Aggr extension that infiltrated the Chrome Store earlier this year. This incident serves as a stark reminder of how vulnerable we are when it comes to online security, especially in the world of cryptocurrencies where the stakes are high and the threats are ever-evolving. I’ve personally lost money to cybercriminals before, and let me tell you, it’s a feeling that lingers long after the funds have been drained from your account. It’s disheartening to see such malicious activities continue to thrive in the digital landscape, but it also underscores the importance of staying vigilant and being cautious when using any online service or tool. I hope that companies like Google will take steps to ensure the safety and security of their users, and that we as individuals will continue to educate ourselves on the risks and take necessary precautions to protect our hard-earned assets.

Read More

2024-08-20 09:12