{"id":27148,"date":"2024-08-20T14:00:23","date_gmt":"2024-08-20T11:00:23","guid":{"rendered":"https:\/\/coinengineer.net\/blog\/?p=27148"},"modified":"2024-08-20T11:33:58","modified_gmt":"2024-08-20T08:33:58","slug":"jupiter-discovers-malicious-browser-extension","status":"publish","type":"post","link":"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/","title":{"rendered":"Jupiter Discovers Malicious Browser Extension Targeting Solana Users"},"content":{"rendered":"

Bypassing security cameras, Decentralized Exchange aggregator Jupiter<\/strong> has discovered a new malicious browser plugin called “Bull Checker<\/em>,” which has already empty the wallets of many Solana users.<\/p>\n

Jupiter<\/strong> creator Meow<\/strong> reported in an Aug. 20 research article that Reddit was advertising the “Bull Checker” plugin<\/strong>, accessible on Google Chrome, as a tool to examine all holders of certain memcoeins. Actually, however, it was meant to employ transaction modification to pilfers money from users’ wallets.<\/p>\n

Jupiter<\/strong> said in an Aug. 19 message on X, “if you have this extension (or similar extensions with extensive permissions you cannot trust), please remove it immediately.”<\/p>\n

Stealthy Attack Techniques and Community Warning<\/h3>\n

While users are interacting with approved distributed apps (DApps) on official domains, the Bull Checker addon might pass Solana simulated tests and show normal appearance. Once a transaction started, the extension changed it to fraudulently transfer tokens to another wallet while still showing the user a regular simulated outcome.<\/p>\n

Meow<\/strong> clarified that the requested “read and write” data access for the extension should have raised concerns as actual wallet-checking extensions usually need “read-only” rights. Several consumers sadly installed and utilized the plugin, which resulted in financial theft.<\/p>\n

Jupiter<\/strong> underlined that throughout their analysis the main Solana DApps or wallets showed no weaknesses. But this finding follows previous major security lapses in the Solana ecosystem, including a $1 million Cypher Protocol hack earlier this month.<\/p>\n

To prevent being victim to these attacks, users are advised to use vigilance and confirm the validity of browser extensions, particularly those claiming significant rights.<\/p>\n

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don\u2019t forget to follow us on our <\/span><\/i>Telegram, <\/span><\/i><\/a>YouTube<\/span><\/i><\/a>, and <\/span><\/i>Twitter<\/span><\/i><\/a> channels for the latest <\/span><\/i>news<\/span><\/i><\/a> and updates.<\/span><\/i><\/p>\n","protected":false},"excerpt":{"rendered":"

Bypassing security cameras, Decentralized Exchange aggregator Jupiter has discovered a new malicious browser plugin called “Bull Checker,” which has already empty the wallets of many Solana users. Jupiter creator Meow reported in an Aug. 20 research article that Reddit was advertising the “Bull Checker” plugin, accessible on Google Chrome, as a tool to examine all<\/p>\n","protected":false},"author":6,"featured_media":19378,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9,657,1],"tags":[8006,2993,8005,319],"class_list":["post-27148","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-crypto-news","category-en","category-genel","tag-browser-extension","tag-jupiter","tag-plugin","tag-solana"],"yoast_head":"\nJupiter Discovers Malicious Browser Extension Targeting Solana Users - Coin Engineer<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Jupiter Discovers Malicious Browser Extension Targeting Solana Users - Coin Engineer\" \/>\n<meta property=\"og:description\" content=\"Bypassing security cameras, Decentralized Exchange aggregator Jupiter has discovered a new malicious browser plugin called “Bull Checker,” which has already empty the wallets of many Solana users. Jupiter creator Meow reported in an Aug. 20 research article that Reddit was advertising the “Bull Checker” plugin, accessible on Google Chrome, as a tool to examine all\" \/>\n<meta property=\"og:url\" content=\"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/\" \/>\n<meta property=\"og:site_name\" content=\"Coin Engineer\" \/>\n<meta property=\"article:published_time\" content=\"2024-08-20T11:00:23+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-20T08:33:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/05\/hacker.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1168\" \/>\n\t<meta property=\"og:image:height\" content=\"657\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Tanju Akb\u0131y\u0131k\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tanju Akb\u0131y\u0131k\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/\",\"url\":\"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/\",\"name\":\"Jupiter Discovers Malicious Browser Extension Targeting Solana Users - Coin Engineer\",\"isPartOf\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/05\/hacker.jpg\",\"datePublished\":\"2024-08-20T11:00:23+00:00\",\"dateModified\":\"2024-08-20T08:33:58+00:00\",\"author\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/286f3a00b45c1661961e40ff0a1c7546\"},\"breadcrumb\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/#primaryimage\",\"url\":\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/05\/hacker.jpg\",\"contentUrl\":\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/05\/hacker.jpg\",\"width\":1168,\"height\":657},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/coinengineer.net\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Jupiter Discovers Malicious Browser Extension Targeting Solana Users\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/coinengineer.net\/blog\/#website\",\"url\":\"https:\/\/coinengineer.net\/blog\/\",\"name\":\"Coin Engineer\",\"description\":\"Btc, Coins, Pre-Sale, DeFi, NFT\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/coinengineer.net\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/286f3a00b45c1661961e40ff0a1c7546\",\"name\":\"Tanju Akb\u0131y\u0131k\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/a027c5acae1ab2c3649244f87d705ac7ee359dd7e3222b84cb1d32ba3a8d2e18?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/a027c5acae1ab2c3649244f87d705ac7ee359dd7e3222b84cb1d32ba3a8d2e18?s=96&d=mm&r=g\",\"caption\":\"Tanju Akb\u0131y\u0131k\"},\"url\":\"https:\/\/coinengineer.net\/blog\/author\/cetanju\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Jupiter Discovers Malicious Browser Extension Targeting Solana Users - Coin Engineer","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/","og_locale":"en_US","og_type":"article","og_title":"Jupiter Discovers Malicious Browser Extension Targeting Solana Users - Coin Engineer","og_description":"Bypassing security cameras, Decentralized Exchange aggregator Jupiter has discovered a new malicious browser plugin called “Bull Checker,” which has already empty the wallets of many Solana users. Jupiter creator Meow reported in an Aug. 20 research article that Reddit was advertising the “Bull Checker” plugin, accessible on Google Chrome, as a tool to examine all","og_url":"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/","og_site_name":"Coin Engineer","article_published_time":"2024-08-20T11:00:23+00:00","article_modified_time":"2024-08-20T08:33:58+00:00","og_image":[{"width":1168,"height":657,"url":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/05\/hacker.jpg","type":"image\/jpeg"}],"author":"Tanju Akb\u0131y\u0131k","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Tanju Akb\u0131y\u0131k","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/","url":"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/","name":"Jupiter Discovers Malicious Browser Extension Targeting Solana Users - Coin Engineer","isPartOf":{"@id":"https:\/\/coinengineer.net\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/#primaryimage"},"image":{"@id":"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/#primaryimage"},"thumbnailUrl":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/05\/hacker.jpg","datePublished":"2024-08-20T11:00:23+00:00","dateModified":"2024-08-20T08:33:58+00:00","author":{"@id":"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/286f3a00b45c1661961e40ff0a1c7546"},"breadcrumb":{"@id":"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/#primaryimage","url":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/05\/hacker.jpg","contentUrl":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/05\/hacker.jpg","width":1168,"height":657},{"@type":"BreadcrumbList","@id":"https:\/\/coinengineer.net\/blog\/jupiter-discovers-malicious-browser-extension\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/coinengineer.net\/blog\/"},{"@type":"ListItem","position":2,"name":"Jupiter Discovers Malicious Browser Extension Targeting Solana Users"}]},{"@type":"WebSite","@id":"https:\/\/coinengineer.net\/blog\/#website","url":"https:\/\/coinengineer.net\/blog\/","name":"Coin Engineer","description":"Btc, Coins, Pre-Sale, DeFi, NFT","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/coinengineer.net\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/286f3a00b45c1661961e40ff0a1c7546","name":"Tanju Akb\u0131y\u0131k","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/a027c5acae1ab2c3649244f87d705ac7ee359dd7e3222b84cb1d32ba3a8d2e18?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a027c5acae1ab2c3649244f87d705ac7ee359dd7e3222b84cb1d32ba3a8d2e18?s=96&d=mm&r=g","caption":"Tanju Akb\u0131y\u0131k"},"url":"https:\/\/coinengineer.net\/blog\/author\/cetanju\/"}]}},"_links":{"self":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts\/27148","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/comments?post=27148"}],"version-history":[{"count":3,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts\/27148\/revisions"}],"predecessor-version":[{"id":27180,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts\/27148\/revisions\/27180"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/media\/19378"}],"wp:attachment":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/media?parent=27148"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/categories?post=27148"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/tags?post=27148"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}