A potential security breach involving the XRP Ledger was swiftly mitigated after malicious code was discovered in its JavaScript SDK, xrpl.js. The vulnerability stemmed from a stolen developer access token on the Node Package Manager (NPM) platform, enabling a threat actor to publish compromised versions of the software package.
Charlie Eriksen of Aikido Security identified the breach when Aikido Intel flagged suspicious activity involving five new versions of xrpl.js on April 21. These versions—4.2.1 through 4.2.4 and 2.14.2—contained code that could theoretically allow attackers to steal users’ private keys, posing a severe risk to wallets and third-party applications built on the XRP Ledger.
Used by hundreds of thousands of apps and websites, xrpl.js is downloaded over 140,000 times weekly, making this a potentially catastrophic supply chain attack. Fortunately, core XRP services like Xaman Wallet and XRPScan were not impacted.
The XRP Ledger Foundation quickly responded, releasing patched version 4.2.5 and deprecating the affected versions. They emphasized that the main XRP Ledger codebase and GitHub repository remained secure and untouched.
While the exact method of the token theft and identity of the attacker remain unknown, Aikido believes the incident underscores the growing threat of supply chain attacks in crypto development. Developers using xrpl.js are strongly advised to upgrade immediately.
Despite the scare, XRP prices have surged 8.5% over the past 24 hours, reflecting broader market momentum.
This incident highlights the critical importance of security vigilance in decentralized ecosystems and the growing risks posed by compromised developer tools.