As a seasoned researcher with years of experience in cybersecurity and cryptocurrency, I’ve seen my fair share of tricks and traps set for unsuspecting users. The Bull Checker extension is yet another reminder that the crypto world can be as treacherous as it is exciting.
As a seasoned cryptocurrency user with years of experience under my belt, I have encountered numerous scams and fraudulent activities in this digital world. One such incident that left me with a bitter taste was an encounter with a seemingly innocent extension claiming to be a read-only tool for checking one’s cryptocurrencies. However, behind its harmless facade, the true intention of this malicious software was to deceive users into transferring their hard-earned funds to another wallet. The lesson I learned from this experience is to always be vigilant and verify the authenticity of any tool or service before using it, no matter how appealing or trustworthy it may seem at first glance.
As a crypto investor utilizing this extension, I’d interact with decentralized applications (dApps) just like any other user, with the expected interface appearing. However, there’s an underlying risk: upon the successful completion of a transaction, my tokens might be surreptitiously moved to another wallet due to potential malicious activities.
The exchange revealed that the extension’s ability to pass Solana’s simulation checks makes it particularly dangerous. It waits for users to interact with legitimate decentralized applications before modifying transactions. This modification isn’t detected during simulation, allowing the drainer to operate unnoticed.
Based on findings from Jupiter’s investigation, it appears that the Reddit user Solana_OG was instrumental in promoting Bull Checker. The promotion was aimed primarily at Solana meme coin traders, and it was deceitful: Solana_OG encouraged traders to download the extension with the intention of stealing their digital assets.
Jupiter’s investigation revealed that the extension targets installed wallets, which it can do because it has permission to read and change data on all websites. Jupiter noted that Bull Checker replaces the wallet adapter’s signTransaction method with its own version, which sends the unsigned transaction to a remote server and adds a call to a drainer program. Jupiter explained:
As a crypto investor, I’ve come to understand that this extension operates primarily on my wallet apps. It’s designed to access and manipulate data across all websites. Essentially, it keeps a constant watch over applications with wallet integrations. Instead of using the standard signTransaction method, it swaps it out with its own version, sending unsigned transactions to a distant server and adding a command to a draining program. If I unknowingly authenticate the altered transaction, this draining program can empty my token reserves into someone else’s wallet.
Jupiter’s Advice for Crypto Users
Jupiter stressed that Bull Checker, presented on Reddit as a tool for inspecting meme coin holders, has no need to read or write data; such access is superfluous for a basic wallet examination tool.
Because Bull Checker is intended primarily as a tool for viewing memecoin holders, it shouldn’t need to interact with data on all websites. This could have served as a significant warning sign for users. Regrettably, it seems that numerous users downloaded and used the extension despite it.
Jupiter warned crypto users to immediately remove Bull Checker or any similar extension with such extensive permissions. They noted that no vulnerabilities were found in major Solana DApps or wallets during their investigation.
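Jupiter’s advice about extensions with such extensive permissions can be turned into a quick check. The following is an added example, not code from Jupiter or from the original article: it scans a browser-extension manifest for match patterns that grant access to all websites. The function names and both sample manifests are constructed for illustration.

```javascript
// Match patterns that grant an extension access to every website.
const BROAD_PATTERNS = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);

// Check every manifest field that can request host access or inject scripts.
function findBroadAccess(manifest) {
  const findings = [];
  const check = (field, patterns) => {
    for (const p of patterns || []) {
      if (BROAD_PATTERNS.has(p)) findings.push({ field, pattern: p });
    }
  };
  check("permissions", manifest.permissions); // Manifest V2 lists hosts here
  check("host_permissions", manifest.host_permissions); // Manifest V3
  check("optional_host_permissions", manifest.optional_host_permissions);
  (manifest.content_scripts || []).forEach((cs, i) =>
    check(`content_scripts[${i}].matches`, cs.matches));
  return findings;
}

// A tool whose stated purpose is read-only viewing should produce no findings.
function auditExtension(manifest) {
  const findings = findBroadAccess(manifest);
  const verdict = findings.length ? "REVIEW_OR_REMOVE" : "OK";
  return { name: manifest.name, verdict, findings };
}

// Constructed sample manifests (hypothetical, not taken from any real extension).
const SAMPLE_BROAD = {
  name: "Holder Viewer (constructed)",
  manifest_version: 3,
  permissions: ["storage"],
  host_permissions: ["<all_urls>"],
  content_scripts: [{ matches: ["*://*/*"], js: ["inject.js"] }],
};
const SAMPLE_SCOPED = {
  name: "Scoped Viewer (constructed)",
  manifest_version: 3,
  permissions: ["storage"],
  host_permissions: ["https://api.example.com/*"],
};

for (const m of [SAMPLE_BROAD, SAMPLE_SCOPED]) {
  console.log(JSON.stringify(auditExtension(m)));
}
```

A finding does not prove an extension is malicious; it marks access that a holder-viewing tool has no reason to request.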
Beyond this, Jupiter cautions crypto users to be wary of relying on social media hype alone when it comes to trusting tools, as people may use such platforms for manipulation with dishonest intentions. This warning comes in the wake of recent security concerns within the Solana network ecosystem. Notably, Matthias Mende, co-founder of Dubai Blockchain Center, suffered a loss exceeding $100,000 from his Phantom Wallet in June after engaging with a meme coin pre-sale event on Solana.
2024-08-20 13:54