Solana Users Targeted by ‘Bull Checker’ Chrome Extension Scam

[yhiaali3]

The “Bull Checker” extension preys on Solana users by altering wallet transactions, causing significant unauthorized token drains.

A new malicious browser extension called the “Bull Checker” is reportedly targeting Solana users on Reddit by masquerading as a meme coin tracker.

This extension evades detection systems and has drained Solana users’ wallets.

Solana Users Targeted
In the past week, Jupiter’s pseudonymous founder, Meow, reported that a few Solana DeFi users experienced unauthorized token drains. Through a thorough investigation with partners, they traced the issue to “Bull Checker,” which had been targeting users on various Solana-related subreddits.

This extension allowed users to interact normally with decentralized apps (dApps), but it secretly transferred tokens to unauthorized wallets upon transaction completion. Jupiter’s founder stressed that no vulnerabilities were found in the dApps or wallets themselves.

They urged users to remove the “Bull Checker” extension or any similar ones with extensive permissions that they cannot trust immediately.

Source: https://cryptopotato.com/solana-users-targeted-by-bull-checker-chrome-extension-scam/

This is a really serious incident because it was promoted on a popular and trusted site like Reddit, where most users trust the platform and wouldn't suspect that they are carrying a malicious tool to steal their coins from their Solana wallet.

I think Reddit should either block the links or install a tool to check for malicious links after this incident.

[rdluffy]

All crypto users should be VERY careful of any extension they use
Some security practices help to minimize the risks, such as using the wallet in one browser, and the extensions in another browser, or another user, so you don't have any interaction with the wallet
Another thing is to use extensions that are new or that the community hasn't tested enough, it's dangerous

At least here, the only extensions I use together with my wallets (Metamask, Phantom etc.) are two protection extensions (Revoke and Wallet Guard) that warn me if a crypto site is phishing, if the contract is malicious or if it has any vulnerabilities

[TomPluz]

All crypto users should be VERY careful of any extension they use. Some security practices help to minimize the risks, such as using the wallet in one browser, and the extensions in another browser, or another user, so you don't have any interaction with the wallet. Another thing is to use extensions that are new or that the community hasn't tested enough, it's dangerous. At least here, the only extensions I use together with my wallets (Metamask, Phantom etc.) are two protection extensions (Revoke and Wallet Guard) that warn me if a crypto site is phishing, if the contract is malicious or if it has any vulnerabilities.

We are living in a very dangerous era where one can lose a lot of money with using platforms that are supposed to be our friends that may turn out to be the enemies we should not sleep with: scammers and fraudsters. And they are getting to be really so effective in fishing their next victims...in fact I would say they are always ahead of the security race and it is because the incentives can run into millions of dollars, potentially. We must always be careful and must limit our possible exposure to these dangerous extensions and apps that are able to get through the detection of platforms like Chrome. Sadly, this is has been an ongoing problem for years and I am sure that in 2025 there can be a similar story as well.

[joniboini]

I use Reddit sometimes and some of the ads are sketchy as hell. Not to mention scammers can easily use a throwaway account to spread malicious links on various subreddit. I believe this is not a new issue and regular users know clicking links from Reddit is dangerous. I wonder what kind of ads they used to spread this malware. On the other hand, this goes to show that we shouldn't rely on a third-party to filter malicious links for us, even if it's a big platform since scammers definitely use them too.

[yhiaali3]

I use Reddit sometimes and some of the ads are sketchy as hell. Not to mention scammers can easily use a throwaway account to spread malicious links on various subreddit. I believe this is not a new issue and regular users know clicking links from Reddit is dangerous. I wonder what kind of ads they used to spread this malware. On the other hand, this goes to show that we shouldn't rely on a third-party to filter malicious links for us, even if it's a big platform since scammers definitely use them too.

They used an advertisement about a meme coin tracker chrome extension where they tricked users that it is a meme coin tracker tool and planted the malicious extension through it.

Unfortunately Reddit should be more strict and monitor external links, they should at least create a program to monitor and scan malicious links.

[erus]

The “Bull Checker” extension preys on Solana users by altering wallet transactions, causing significant
 ~snip~
They urged users to remove the “Bull Checker” extension or any similar ones with extensive permissions that they cannot trust immediately.

Source: https://cryptopotato.com/solana-users-targeted-by-bull-checker-chrome-extension-scam/

This is a really serious incident because it was promoted on a popular and trusted site like Reddit, where most users trust the platform and wouldn't suspect that they are carrying a malicious tool to steal their coins from their Solana wallet.

I think Reddit should either block the links or install a tool to check for malicious links after this incident.

It is very unfortunate that a class like Reddit that has members from all over the world has been caught out by a strange and suspicious link source. Yes, Reddit should not allow something like this Scammer to appear, but I am also sure that the Reddit developers cannot check one by one and there must be several stages so that they can check it repeatedly. Moreover, what was stolen was the Solana coin which could one day be worth thousands of dollars for 1 Solana coin.
Ps: until now im notyet have an account of Reddit.

[MrSpasybo]

It is very unfortunate that a class like Reddit that has members from all over the world has been caught out by a strange and suspicious link source. Yes, Reddit should not allow something like this Scammer to appear, but I am also sure that the Reddit developers cannot check one by one and there must be several stages so that they can check it repeatedly. Moreover, what was stolen was the Solana coin which could one day be worth thousands of dollars for 1 Solana coin.
Ps: until now im notyet have an account of Reddit.

Yeah, Reddit can't check every project/link that's posted and shared. It's Reddit's users who contribute by discovering and reporting scam projects like BullChecker. Only when there's enough reports can Reddit take action and limit the popularity of these scam projects on their platform.

Ultimately, investors are still responsible for protecting their personal accounts. Scam projects exist everywhere in the financial market and they find every way to gain the trust of investors and then their assets. This event should serve as a warning to all of us before the bullrun comes: be cautious and only interact with well-known and audited protocols.

[erus]

It is very unfortunate that a class like Reddit that has members from all over the world has been caught out by a strange and suspicious link source. Yes, Reddit should not allow something like this Scammer to appear, but I am also sure that the Reddit developers cannot check one by one and there must be several stages so that they can check it repeatedly. Moreover, what was stolen was the Solana coin which could one day be worth thousands of dollars for 1 Solana coin.
Ps: until now im notyet have an account of Reddit.

Yeah, Reddit can't check every project/link that's posted and shared. It's Reddit's users who contribute by discovering and reporting scam projects like BullChecker. Only when there's enough reports can Reddit take action and limit the popularity of these scam projects on their platform.

Ultimately, investors are still responsible for protecting their personal accounts. Scam projects exist everywhere in the financial market and they find every way to gain the trust of investors and then their assets. This event should serve as a warning to all of us before the bullrun comes: be cautious and only interact with well-known and audited protocols.

Until now I noticed that I see Scammers in this crypto are very rampant and it can't be stopped. Reddit also now has some possible scammers present and the evidence is already there about BullChecker. If it continues like this I think the regulation for this crypto should be protected by a legal umbrella but in my opinion if there is a legal umbrella later crypto will become centralized, right?
And one more thing, are these scammers the same people since the presence of Bitcoin crypto since 2009?

[enoch_from_off]

It is very unfortunate that a class like Reddit that has members from all over the world has been caught out by a strange and suspicious link source. Yes, Reddit should not allow something like this Scammer to appear, but I am also sure that the Reddit developers cannot check one by one and there must be several stages so that they can check it repeatedly. Moreover, what was stolen was the Solana coin which could one day be worth thousands of dollars for 1 Solana coin.
Ps: until now im notyet have an account of Reddit.

Yeah, Reddit can't check every project/link that's posted and shared. It's Reddit's users who contribute by discovering and reporting scam projects like BullChecker. Only when there's enough reports can Reddit take action and limit the popularity of these scam projects on their platform.

Ultimately, investors are still responsible for protecting their personal accounts. Scam projects exist everywhere in the financial market and they find every way to gain the trust of investors and then their assets. This event should serve as a warning to all of us before the bullrun comes: be cautious and only interact with well-known and audited protocols.

Until now I noticed that I see Scammers in this crypto are very rampant and it can't be stopped. Reddit also now has some possible scammers present and the evidence is already there about BullChecker. If it continues like this I think the regulation for this crypto should be protected by a legal umbrella but in my opinion if there is a legal umbrella later crypto will become centralized, right?
And one more thing, are these scammers the same people since the presence of Bitcoin crypto since 2009?

I would become more regulated if the legal umbrella were put under it.
Remember that many things are done by the blockchain itself, it should be the main thing we trust in, others - they can be whoever they present themselves.

[MrSpasybo]

Until now I noticed that I see Scammers in this crypto are very rampant and it can't be stopped. Reddit also now has some possible scammers present and the evidence is already there about BullChecker. If it continues like this I think the regulation for this crypto should be protected by a legal umbrella but in my opinion if there is a legal umbrella later crypto will become centralized, right?
And one more thing, are these scammers the same people since the presence of Bitcoin crypto since 2009?

Scammers have existed in the financial world since its earliest days and I believe they came to crypto as soon as Satoshi introduced BTC to the world. Scammers are always looking for ways to steal our assets, they are quite easy-going so they can accept fiat, stablecoin, BTC and ALTS ^^

I think these kinds of scams should be thoroughly investigated to punish the scammers and recover the assets for the victims, however, this is often difficult even when the government has a legal framework for crypto. I don’t think government involvement reduces the decentralization of crypto if investors still self-custody their crypto assets.

[enoch_from_off]

Until now I noticed that I see Scammers in this crypto are very rampant and it can't be stopped. Reddit also now has some possible scammers present and the evidence is already there about BullChecker. If it continues like this I think the regulation for this crypto should be protected by a legal umbrella but in my opinion if there is a legal umbrella later crypto will become centralized, right?
And one more thing, are these scammers the same people since the presence of Bitcoin crypto since 2009?

Scammers have existed in the financial world since its earliest days and I believe they came to crypto as soon as Satoshi introduced BTC to the world. Scammers are always looking for ways to steal our assets, they are quite easy-going so they can accept fiat, stablecoin, BTC and ALTS ^^

I think these kinds of scams should be thoroughly investigated to punish the scammers and recover the assets for the victims, however, this is often difficult even when the government has a legal framework for crypto. I don’t think government involvement reduces the decentralization of crypto if investors still self-custody their crypto assets.

Yeah, it depends on what terms the government is ready to regulate crypto through legal frameworks.
I think there would be many fine prints and nitpicks to see, though I never thought about it or how it may look. What may it change as well.
It's an interesting thought and theme overall.

[vegasus]

All crypto users should be VERY careful of any extension they use
Some security practices help to minimize the risks, such as using the wallet in one browser, and the extensions in another browser, or another user, so you don't have any interaction with the wallet
Another thing is to use extensions that are new or that the community hasn't tested enough, it's dangerous

Indeed, we must be really aware of this and be very careful, because criminal crimes are now much more developed and follow what is currently hyped. Not only scammers but also various extensions that may also cause malware and others, that's why we must continue to be vigilant when we want to click something even from sources that look professional.

Our online wallets are also quite risky with things like this with the risk of lost assets. That's why, if we do use online wallets, whether for the Solana network or others, caution is very much needed to avoid these risks.

[bitterguy28]

This is a really serious incident because it was promoted on a popular and trusted site like Reddit, where most users trust the platform and wouldn't suspect that they are carrying a malicious tool to steal their coins from their Solana wallet.

i would not really say that reddit is trusted and is the best place to be clicking links from it is popular yes but its members do not have the best credibility nor reputation either since anyone can just make an account actually reddit has always had a lot of questionable topics, discussions and members even though reddit is a popular platform not everyone thinks of it as a serious platform

especially when it comes to crypto i just go in there to check it from time to time but i will not trust anyone from reddit enough to click a link without even checking thoroughly

I think Reddit should either block the links or install a tool to check for malicious links after this incident.

i am sure members report those who post but i guess the platform is not doing enough to prevent this from happening we need protection even before it happens not after but anyway let us just be careful ourselves

[yhiaali3]

i would not really say that reddit is trusted and is the best place to be clicking links from it is popular yes but its members do not have the best credibility nor reputation either since anyone can just make an account actually reddit has always had a lot of questionable topics, discussions and members even though reddit is a popular platform not everyone thinks of it as a serious platform

especially when it comes to crypto i just go in there to check it from time to time but i will not trust anyone from reddit enough to click a link without even checking thoroughly

I agree with you of course, but there are some people, especially new members, who think that Reddit is trustworthy and think that just having links on the platform means it is safe and they do not know that not all members are trustworthy and that anyone can put malicious links.

Also, members who come to the topic recently and do not see any negative comments about the links will be deceived and click on the links until someone reports these links and they are removed or blocked.

Therefore, you should be careful, especially with links on social platforms.

[royalRitta]

i would not really say that reddit is trusted and is the best place to be clicking links from it is popular yes but its members do not have the best credibility nor reputation either since anyone can just make an account actually reddit has always had a lot of questionable topics, discussions and members even though reddit is a popular platform not everyone thinks of it as a serious platform

especially when it comes to crypto i just go in there to check it from time to time but i will not trust anyone from reddit enough to click a link without even checking thoroughly

I agree with you of course, but there are some people, especially new members, who think that Reddit is trustworthy and think that just having links on the platform means it is safe and they do not know that not all members are trustworthy and that anyone can put malicious links.

Also, members who come to the topic recently and do not see any negative comments about the links will be deceived and click on the links until someone reports these links and they are removed or blocked.

Therefore, you should be careful, especially with links on social platforms.

Totally. The same goes for any place that's related to your funds in the long run - we should always stay vigilant and minimize the risks at stake.
You never know what an unofficial extension holds for you - it may be a copy cat, or become a scam in the future, regardless, responsibly analyze everything you use that's related to your funds and wallet.