Decentralized trading platform Jupiter Exchange has warned Solana (SOL) users about the malicious ‘Bull Checker’ Chrome extension.
Jupiter has detected a malicious Chrome extension called “Bull Checker” targeting Solana users and stealing money from their wallets, and is warning users to be careful.
Jupiter reported that Solana DeFi users’ wallets were stolen thanks to a malicious plugin called “Bull Checker.”
According to a report by Jupiter Exchange, the “Bull Checker Chrome Extension” targeted several users on Solana DeFi-related subreddits. The extension also allowed users to interact with decentralized applications (dApps) as usual, and their transactions appeared completely normal.
However, after the users’ transactions were completed, the malicious “Bull Checker Chrome Extension” transferred the tokens from their wallets to another wallet without the users’ permission and knowledge.
Jupiter stated in its report that the issue was solely caused by the Bull Checker hrome Extension, while assuring users that no vulnerabilities were found in Solana’s major dApps or wallets.
“Last week, we received reports that a small number of users using Solana DeFi had their accounts deleted.
After extensive investigation, we discovered a malicious Chrome extension called “Bull Checker” targeting users on various Solana-related subreddits.
If you have this plugin (or similar plugins with extensive permissions that you cannot trust), please remove them immediately.
It should be noted that there are no security vulnerabilities in any of the Dapps or wallets.
Be careful and do not install plugins that can read/write data unless you are really sure.”
In his latest post, Jupiter stated that he had resolved the issues with the token service and announced that he had completely restored the token service.
Identification Of Malicious Extension
Over the last week, we received reports that a small number of users using Solana DeFi got drained.After extensive investigation, we have identified a malicious Chrome extension called “Bull Checker” that had targeted users on several… pic.twitter.com/pubayfmD9h
— Jupiter 🪐 (@JupiterExchange) August 19, 2024
*This is not investment advice.