Solana Users Targeted with Malicious Chrome Extension

Solana-based decentralized exchange aggregator Jupiter has issued a warning about a malicious Chrome extension called "Bull Checker."

Advertisement

Several subreddits linked to the prominent "Ethereum killer" have been specifically targeted by the fraudulent extension.  "Bull Checker" pretends to be a rather benign read-only extension that simply allows users to check their cryptocurrencies.

HOT Stories

Solana Users Targeted with Malicious Chrome Extension

Shiba Inu (SHIB) Lowest Level in 2024? What's Happening, XRP Secures Golden Cross, Ethereum (ETH) Takes Wrong Turn

XRP Stuns Crypto Market with Massive Gains

Shytoshi Kusama On Urge to Reveal His True Identity: "Let Mask Remain Famous"

However, the actual goal of this extension is to fool unsuspecting users into transferring their funds to another wallet.  It is worth noting that "Blue Checker" can read and change all your data on a website. This should be treated as a major red flag since such an extension would not normally need this sort of permission. 

Related

Sat, 08/17/2024 - 09:58

Solana ETF Drive Hits First Major Roadblock With CBOE Godfrey Benjamin

The extension was able to drain the wallets of its victims by modifying transactions from a regular dApp. Unsigned transactions get forwarded to a remote server to a drainer program.  Earlier this year, Solana gained more popularity due to the success of meme coins. Unsurprisingly, the malicious extension was specifically targeting Reddit users who were looking to trade the aforementioned type of cryptocurrencies.  While "BlueChecker" has now been exposed as a sham, it is likely that there are other malicious extensions that are yet to be tracked down. Hence, users should stay vigilant and uninstall all suspicious extensions (especially the ones that require extensive permission).  Earlier this year, a malicious Aggr extension that had positive reviews on the Chrome Store managed to steal millions of dollars worth of crypto. 

Source