Watch Out for Harmful Chrome Extensions That Drain Crypto Wallets

Investigators found that a hostile Chrome extension dubbed “Bull Checker” had been targeting people on numerous Solana-related subreddits. The Jupiter exchange issued a notice, following complaints from numerous Solana decentralized finance clients of their cryptocurrency wallets being drained. With this attachment, users could still interact with the dApps and see the simulation as expected, but there would also be a possibility that their tickets would be maliciously moved to a different wallet at the end of a transaction.

Detecting Malicious Extensions

Further investigation of other affected people who got exhausted by the same program indicates that “Bull Checker,” an extension with the capability to read and modify any data on the website, maybe the causality.

The goal of Bull Checker is to be a read-only attachment that lets you see who has memecoins. This kind of stretching cannot be needed to read or write data on any website. Although this ought to have presented a serious warning sign for users, it seems that a number of them kept installing and using the extension.

The report states Bull Checker waits to modify the marketing transmitted to the wallet for signature until the user encounters a regular dApp on the authorized field after structure. The simulation outcome will stay “standard” and not show up as a drainer after the modification. Investigators found that the unknown Reddit user “Solana_OG” elevated “Bull Checker.” This individual appeared to persuade users into downloading the extension by posing as somebody examining to trade namecoins.

Guidance

There may be more dangerous extensions available. Uninstall an extension instantly if you feel it might be negative, particularly if it has both “read” and “change” rights. Never accept anything just because it has received a lot of upvotes and has been mentioned on Reddit or another media platform. Extensions that ask for a lot of approvals should be taken very seriously. All of your website’s data shouldn’t have to be read and modified by an attachment like Bull Checker.  Furthermore, SafeGuard, a new security instruction feature from Blowfish, stops any simulation spoofing attempts. It is being used by several Solana wallets and will stop such invasions in the end.