Trusted

Malicious Chrome Extension Targets Solana Wallet Users

2 mins
Updated by Daria Krasnova
Join our Trading Community on Telegram

In Brief

  • Jupiter DEX warns Solana users of a malicious Chrome extension named "Bull Checker" targeting DeFi transactions.
  • The extension steals SOL by adding hidden instructions to transactions, transferring tokens to a malicious wallet.
  • Users are urged to uninstall the extension and avoid unverified add-ons to enhance security on Solana apps.
  • promo

Jupiter, a Solana-based DEX aggregator, has issued an urgent alert to its users about a malicious Chrome extension targeting DeFi users on the Solana network.

The “Bull Checker” extension targets the Solana DeFi community by intercepting transactions and stealing SOL tokens.

Solana Users Targeted by Malicious Chrome Extension

The malicious extension transfers tokens to another wallet without the user’s knowledge once a transaction is completed. Jupiter DEX strongly recommends users remove the extension immediately and avoid installing add-ons from unverified sources.

According to an official analysis shared via its X (formerly Twitter) account, Jupiter confirmed that the “Bull Checker” extension poses a serious threat to Solana users. The team has highlighted the need for heightened security measures when interacting with Solana-based applications and advises enabling all possible security layers.

“After extensive investigation, we have identified a malicious Chrome extension called ‘Bull Checker’ that had targeted users on several Solana-related subreddits. Users with this extension would interact with the dApps as per normal, have the simulation show up as normal, but have the possibility of their tokens being maliciously transferred to another wallet upon transaction completion,” Jupiter team explained.

Read more: 15 Most Common Crypto Scams To Look Out For

Jupiter DEX clarified that there are no vulnerabilities in its wallets or DApps. To illustrate how the malware operates, the platform shared examples of transactions affected by the attack (e.g., 5UMuc…..q2pZjr).

“In both cases, malicious instructions were added to regular Jupiter and Raydium instructions, and the resulting transaction was signed by the user as per normal, but had their tokens and authority transferred to the malicious address,” the team added.

sol malware transactions
Malware Transactions. Source: X/@JupiterExchange

Additionally, the team revealed that the malware was promoted by an anonymous Reddit user, “Solana_OG,” who specifically targeted meme coin investors. Earlier this year, Solana’s popularity surged due to the success of meme-inspired assets. Capitalizing on this trend, the malicious browser extension targeted Reddit users interested in trading these cryptocurrencies.

Read more: How to Buy Solana Meme Coins: A Step-By-Step Guide

Although “Bull Checker” has been exposed as a scam, other harmful extensions may still be undetected. Solana users should remain cautious and uninstall any suspicious extensions.

🎄Best crypto platforms in Europe | December 2024
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
3Commas 3Commas Explore
🎄Best crypto platforms in Europe | December 2024
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
3Commas 3Commas Explore
🎄Best crypto platforms in Europe | December 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

b89964d5d1b8350ba844c260d4714556.jpg
Daria Krasnova
Daria Krasnova is an accomplished editor with over eight years of experience in both traditional finance and crypto industries. She covers a variety of topics, including decentralized finance (DeFi), decentralized physical infrastructure networks (DePIN), and real-world assets (RWA). Before joining BeInCrypto, she served as a writer and editor for prominent traditional finance companies, including the Moscow Stock Exchange, ETF provider FinEx, and Raiffeisen Bank. Her work focused on...
READ FULL BIO
Sponsored
Sponsored