ChainCatcher message, Jupiter stated on platform X that over the past week, the team received reports that a small number of users' funds using Solana DeFi were depleted.After extensive investigation, the team discovered a malicious Chrome extension called "Bull Checker," which targeted users on several Solana-related subreddits. Users with this extension would be able to interact normally with dApps, and the simulation would display correctly, but upon transaction completion, their tokens could be maliciously transferred to another wallet. If users have this extension (or similar extensions with untrustworthy broad permissions), it is recommended to remove it immediately. No vulnerabilities were found in any dApp or wallet.