Fun

Malicious ‘bull checker’ Chrome extension found targeting Solana users

News Feed - 2024-08-20 02:08:10

Tom Mitchelhill3 hours agoMalicious ‘bull checker’ Chrome extension found targeting Solana usersDecentralized exchange aggregator Jupiter has alerted users of a malicious browser extension that managed to sneak through Solana’s drainer checks.769 Total views1 Total sharesListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTCOINTELEGRAPH IN YOUR SOCIAL FEEDFollow ourSubscribe onDecentralized exchange aggregator Jupiter says it has identified a new malicious browser extension. The extension has already drained the wallets of several Solana users and can even sneak past detectors.


In an Aug. 20 research post, pseudonymous Jupiter founder Meow said “Bull Checker” — a nefarious Google Chrome browser extension — had been targeting Solana users on Reddit, advertising itself as an extension to view all the holders of specific memecoins. Source:Jupiter


“If you have this extension (or similar extensions with extensive permissions you cannot trust), please remove it immediately,” wrote Jupiter in an Aug. 19 X post.


Meow said the extension was able to pass Solana simulation checks and “appear normal” but was actually a drainer designed to steal funds from users’ wallets.


“After installing Bull Checker, it will wait till a user interacts with a regular DApp [decentralized application] on the official domain, before modifying the transaction sent to the wallet to sign. After modification, the simulation result will still be ‘normal’ and not appear to be a drainer,” explained Meow.

Meow said the Bull Checker extension asked users to accept permissions to “read and write” data, adding that any legitimate wallet-checking extension should only ever ask for ‘read-only’” permissions. 


“This should have been a major red flag for users, but apparently, several users continued to install and use the extension,” he said. The “Bull Checker” extension asked for permission to read and write data. Source: Jupiter


“Users with this extension would interact with the DApps as per normal, have the simulation show up as normal, but have the possibility of their tokens being maliciously transferred to another wallet upon transaction completion,” he added. 


Related:Solana ETF ‘still in play’ despite Cboe filing removal — VanEck exec


One of the users advertising the malicious extension on Reddit said they had used it to make $3,000 in the last week without providing any further specifics. 


Jupiter reassured users that no vulnerabilities were discovered in any of the major decentralized applications or wallets on the Solana network during its investigation. 


The discovery of the “Bull Checker” extension comes less than two weeks after Solana-based decentralized futures exchange Cypher Protocol halted its smart contract system in the wake of an estimated $1 million exploit.


Meanwhile, on July 8, Matthias Mende, co-founder of the Dubai Blockchain Center, told Cointelegraph he had fallen victim to an exploit where a hacker managed to steal over $100,000 in Solana (SOL) from his Phantom Wallet following his participation in a memecoin presale event. 


Mende said he still doesn’t know how the hack occurred. 


Magazine:5 dangers to beware when apeing into Solana memecoins# Blockchain# Altcoin# Hackers# Scams# DeFi# Solana# MemecoinAdd reaction

News Feed

Solana Explodes Out Of Downtrend: How High Can It Go?
Este artículo también está disponible en español. Solana (SOL) has delivered a dramatic shift in market structure, breaking above a descending parallel channel that had d
MicroStrategy to launch Bitcoin-based decentralized ID solution
Brayden Lindrea6 hours agoMicroStrategy to launch Bitcoin-based decentralized ID solutionMicroStrategy has already built an application called Orange For Outlook on “MicroStrategy Orange,” which integrates digital si
US gov’t $590M Silk Road Bitcoin transfer to Coinbase unlikely to be sold — Analyst
Zoltan Vardai12 hours agoUS gov’t $590M Silk Road Bitcoin transfer to Coinbase unlikely to be sold — AnalystThe government could also be looking to custody or trade the Bitcoin, based on a recent partnership with Coi
Altseason Loading? Analyst Explains How FTX $5B Distribution May Trigger The Next Bull Leg
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
India Brings Crypto Transactions Under Prevention of Money Laundering Act
India Brings Crypto Transactions Under Prevention of Money Laundering Act India’s finance ministry has announced that crypto transactions will be covered under the Prevention
Singapore to Impose Restrictions on Russian Financial and Crypto Transactions
Singapore to Impose Restrictions on Russian Financial and Crypto Transactions In a rare move, Singapore is going to introduce restrictions on certain Russian financial transactions
Core Scientific Files for Bankruptcy Protection, Firm Plans to Continue Mining Bitcoin to Pay Down Debt
Core Scientific Files for Bankruptcy Protection, Firm Plans to Continue Mining Bitcoin to Pay Down Debt On Dec. 21, 2022, one of the largest bitcoin mining operations in the indust
David Attlee57 minutes agoIRS extends comments period for new crypto tax rule to mid-NovemberThe proposed rules are supposed to come into effect in 2026, impacting sales and exchanges conducted in 2025.334 Total views3 T
Ubisoft Open-World Games Are Going to Get Much, Much Bigger
With the ongoing success of its trademark open-world games, Ubisoft is set to make them much, much bigger moving forward. | Photo by Frederic J. BROWN / AFPWhen we think of Ubisoft
Bitcoin miner Argo repays $35M Galaxy bailout loan
Alex O’Donnell7 hours agoBitcoin miner Argo repays $35M Galaxy bailout loanThe loan saved Argo from bankruptcy during the crypto winter of 2022.1936 Total views7 Total sharesListen to article 0:00NewsOwn this piece of
Brayden Lindrea3 hours agoBitcoin Ordinals creator Casey Rodarmor pitches BRC-20 alternative ‘Runes’Bitcoin Ordinals inventor Casey Rodarmor says a fungible token protocol like Runes wouldn’t leave as much “junk
Arijit Sarkar58 minutes agoKansas adjourns crypto bill targeting political donations to January 2024The bill required politicians to “immediately convert” crypto donations to U.S. dollars, with no scope of expenditur