As a seasoned analyst with years of experience in the crypto space, I’ve seen my fair share of scams and fraudulent activities. The recent incident involving the Bull Checker Chrome Extension is yet another reminder that we must always remain vigilant in this digital wild west.
The decentralized trading platform Jupiter Exchange has just released an in-depth report revealing that the Chrome extension Bull Checker has been surreptitiously taking tokens from Solana DeFi users during the past few weeks. In the last week alone, multiple users have reported that their tokens went missing, prompting a thorough investigation.
Stop Using Chrome Extension Bull Checker
From my analysis perspective, I’ve uncovered some concerning behavior in the Bull Checker Chrome Extension. As reported by Jupiter Exchange, this tool has been covertly targeting users active on Solana DeFi-related subreddits. Despite appearing to function as a regular extension enabling interaction with decentralized applications (dApps), it was secretly siphoning off tokens from unsuspecting users’ wallets post-transaction. This malicious activity occurred stealthily, leaving users unaware of the asset transfers.
Jupiter Exchange has stated that the problem lies with the Bull Checker extension alone, as they’ve found no weaknesses in their wallets or decentralized applications (dApps). Despite being designed as a read-only tool for memecoin holders, this extension had permission to alter data on all websites, a significant security oversight that users may have missed. Jupiter Exchange further emphasized this point.
As a researcher, when I install Bull Checker, it’s designed to remain dormant until a user engages with a standard decentralized application (dApp) on its official domain. Once interaction occurs, the tool alters the transaction destined for the wallet, but in a manner that doesn’t seem manipulative or draining. Instead, the altered transaction maintains a normal appearance and outcome.
Jupiter Exchange advises, “If you’ve installed an extension with broad permissions that you’re unsure about, it’s best to uninstall it right away.”
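A defender-side check for the permission problem described above, as an added example that is not from Jupiter Exchange or the original article: it scans Chrome extension manifests for host access that covers all websites. The sample manifest is constructed, and the `<extension id>/<version>/manifest.json` layout under a profile's `Extensions` directory is assumed.

```python
import json
import sys
from pathlib import Path

# Chrome match patterns that cover every website.
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# Manifest V2 lists host patterns under "permissions"; V3 uses "host_permissions".
FIELDS = ("permissions", "host_permissions",
          "optional_permissions", "optional_host_permissions")

# Constructed sample manifest (not taken from any real extension).
SAMPLE_MANIFEST = {
    "manifest_version": 3,
    "name": "Constructed Token Viewer",
    "permissions": ["storage"],
    "host_permissions": ["<all_urls>"],
    "content_scripts": [{"matches": ["https://*/*"], "js": ["inject.js"]}],
}

def broad_host_access(manifest):
    """Map each manifest field to the all-site patterns it requests."""
    found = {}
    for field in FIELDS:
        hits = sorted(p for p in manifest.get(field, [])
                      if isinstance(p, str) and p in BROAD)
        if hits:
            found[field] = hits
    # Content scripts run inside matching pages and can alter page data.
    hits = sorted({m for cs in manifest.get("content_scripts", [])
                   for m in cs.get("matches", []) if m in BROAD})
    if hits:
        found["content_scripts"] = hits
    return found

def audit_profile(extensions_dir):
    """Scan <extensions_dir>/<extension id>/<version>/manifest.json files."""
    report = {}
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        found = broad_host_access(manifest)
        if found:
            report[path.parent.parent.name] = {
                "name": manifest.get("name", "?"), "findings": found}
    return report

if __name__ == "__main__":
    print(audit_profile(sys.argv[1]) if len(sys.argv) > 1 else broad_host_access(SAMPLE_MANIFEST))
```

Pass the profile's `Extensions` directory as the first argument. A flagged extension is not necessarily malicious, but a tool that presents itself as read-only has no need for access to every site.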
Investigation of Suspicious Browser Add-ons
Upon thorough examination, I’ve uncovered a potentially harmful Chrome extension named “Bull Checker.” This extension appears to have been aimed at various user groups.
— Jupiter (@JupiterExchange) August 19, 2024
Targeting Solana DeFi and Memecoin Traders
According to the findings, the Reddit account known as Solana_OG shared a Chrome extension designed to swindle traders of the Solana memecoin. This account enticed the traders to download the extension under false pretenses, with the ultimate goal of pilfering their digital assets.
As a researcher delving into transaction analysis, I’ve uncovered instances where transactions marked as legitimate from Jupiter and Raydium have been tampered with by Bull Checker. These alterations included malicious instructions, resulting in unauthorized token transfers to a harmful address and an abuse of authority. Raydium has confirmed that at least one user who encountered this issue was utilizing the Bull Checker browser extension.
Jupiter Exchange recommends that users delete any similar extensions with broad, questionable permissions to ensure the safety of their investments. Conversely, the CBOE withdrew its 19b-4 application upon the SEC’s request, potentially diminishing the likelihood of a Solana ETF appearing in the market.
2024-08-20 08:26