Škodlivé rozšíření pro Chrome „Bull Checker“ se zaměřuje na uživatele Solana, odčerpává peněženky

Binance News · 2024-08-20T00:44:25.000Z

Podle Cointelegraph: Bylo identifikováno nové škodlivé rozšíření prohlížeče s názvem „Bull Checker“, které se zaměřuje na uživatele Solana a úspěšně obchází kontroly odčerpávání platformy. Decentralizovaný burzovní agregátor Jupiter vydal 20. srpna varování a upozornil uživatele na tuto hrozbu, která již kompromitovala několik peněženek.Rozšíření „Bull Checker“, které představovalo nástroj, který uživatelům pomáhá zobrazit držitele konkrétních meme coinů, bylo inzerováno na Redditu a primárně cílilo na uživatele Solana. Podle výzkumného příspěvku pseudonymního zakladatele Jupitera, Meowa, bylo rozšíření schopno projít Solanovými simulačními kontrolami a prezentovat se jako legitimní nástroj. Po instalaci by však upravoval transakce bez detekce, což by mu umožnilo vysát finanční prostředky z peněženek uživatelů.

According to Cointelegraph: A new malicious browser extension called "Bull Checker" has been identified, targeting Solana users and successfully bypassing the platform’s drainer checks. The decentralized exchange aggregator Jupiter issued a warning on August 20, alerting users to this threat, which has already compromised several wallets.
The "Bull Checker" extension, which posed as a tool to help users view the holders of specific meme coins, was advertised on Reddit, primarily targeting Solana users. According to a research post by Jupiter’s pseudonymous founder, Meow, the extension was able to pass Solana’s simulation checks and present itself as a legitimate tool. However, once installed, it would modify transactions without detection, allowing it to drain funds from users' wallets.
The extension requested users to grant permissions to "read and write" data, a significant red flag, as legitimate wallet-checking extensions typically require only "read-only" permissions. Despite this, several users installed and used the extension, leading to the loss of their assets.
The “Bull Checker” extension asked for permission to read and write data. Source: JupiterMeow explained that the extension would wait until a user interacted with a legitimate decentralized application (DApp) before modifying the transaction to redirect funds. This modification would not be flagged by the simulation checks, making it difficult for users to detect the malicious activity.
One Reddit user promoting the "Bull Checker" extension claimed to have made $3,000 using the tool, though no further details were provided.
Jupiter reassured the community that their investigation found no vulnerabilities in the major DApps or wallets on the Solana network, emphasizing that the threat was confined to the malicious extension itself.
This discovery follows closely on the heels of other recent security breaches within the Solana ecosystem, including the halting of Cypher Protocol’s smart contract system after a $1 million exploit. Additionally, on July 8, Matthias Mende, co-founder of the Dubai Blockchain Center, reported losing over $100,000 in Solana from his Phantom Wallet after participating in a memecoin pre-sale event.
Users are urged to remain vigilant and remove any suspicious extensions, such as "Bull Checker," to safeguard their assets.

Nejnovější zprávy