Decentralized trading platform Jupiter Exchange has recently published a detailed report on how Chrome Extension Bull Checker has been stealing tokens from Solana DeFi users over the past few weeks.
A Chrome extension called "Bull Checker" has been stealing tokens from users of Solana decentralized finance (DeFi) protocols, according to a report published Monday by Jupiter Exchange, a decentralized trading platform.
Over the last week, several users have reported losing their tokens in transactions that appeared to be authorized by them. This prompted Jupiter to investigate the matter further.
Stop Using Chrome Extension Bull Checker
The Bull Checker extension was promoted heavily to users on Solana DeFi-related subreddits, according to the report. It allowed users to interact with decentralized applications (dApps) as normal, with transactions appearing to go through as expected during simulations.
However, after completing these transactions, the extension would surreptitiously transfer users' tokens to another wallet without their knowledge.
Jupiter confirmed that there were no vulnerabilities in the wallets or the dApps themselves, indicating that the issue was solely caused by the Bull Checker extension.
The extension was marketed as a read-only tool for viewing memecoin holders, but it had permission to "read and modify all data on all websites visited," which was a major red flag that its users apparently missed.
“After installing Bull Checker, it will wait till a user interacts with a regular dApp on the official domain, before modifying the transaction sent to the wallet to sign,” Jupiter added. “After modification, the simulation result will still be ‘normal’ and not appear to be a drainer.”
The above is the detailed content of Chrome Extension 'Bull Checker” Steals Tokens from Solana DeFi Users. For more information, please follow other related articles on the PHP Chinese website!