Solana Users Warned About Malicious Google Chrome Extension
Jupiter, the decentralized exchange on Solana, has issued a warning about a malicious browser extension targeting Solana users using Google Chrome.
According to a detailed analysis by the platform’s founder, nicknamed “Meow,” the browser extension is designed to drain user funds and even bypass Solana’s impersonation checks.
Suspicious Extension Puts Users at Risk
The extension, dubbed “Bull checker,” is being promoted on a number of Solana-related forums on the social media platform Reddit. It advertises itself as a tool that allows users to view all holders of a specific meme coin.
However, this seemingly normal extension may intercept and modify transactions as users interact with decentralized applications (Dapps), maliciously transferring user funds to different wallets. Additionally, the extension is designed to evade detection by trading simulation tools.
Specifically, the extension hijacks the wallet’s signTransaction method and forwards it to a remote server controlled by the attacker. The transaction is then modified to drain funds from the user’s wallet and transfer authority to the attacker when signed by the user.
Meow emphasized that requesting read and write permissions during installation is a major “red flag” for any extension, as Bull checker functionality only requires “read-only” permissions. Users are advised to uninstall any extension with both Read and Change permissions, especially if suspected of containing malware.
Protecting Against Cryptocurrency Scams
This incident is not the first involving malicious browser extensions targeting cryptocurrency users. Similar tactics have been used in the past to deceive users of crypto hardware wallets and trading applications.
Attackers within the cryptocurrency space continue to evolve, employing more sophisticated tactics to trick their victims. From fake extensions to using fake Zoom links to deploy malware, users must remain vigilant and take necessary precautions to safeguard their funds and personal information.
In conclusion, users are urged to be cautious when installing browser extensions and to regularly review permissions granted to them. By staying informed and proactive, individuals can better protect themselves against potential threats in the ever-evolving landscape of cryptocurrency security.
The post Solana users at risk as malicious Google Chrome extension drains funds appeared first on Invezz
