- The XRP Ledger Foundation disclosed a critical backdoor in its official JavaScript library: an attacker compromised the package on npm in a supply chain attack, planting code able to steal private keys and so gain access to wallets.
- Security firm Aikido called the backdoor “potentially catastrophic”, noting that the attacker kept revising the malicious code across several published versions to avoid detection.
- The compromised code was removed, and key ecosystem apps such as XRPScan and First Ledger confirmed they were unaffected.
- XRP's price nonetheless rose more than 6.9% after the disclosure.
The XRP Ledger Foundation has disclosed a “serious vulnerability” in its official JavaScript library, warning that a hacker compromised the official Node Package Manager (npm) package that developers use to build on the XRP Ledger (XRPL).
According to Aikido researcher Charlie Eriksen, the attackers inserted a backdoor capable of exfiltrating private keys, which would let them drain the affected wallets; thousands of wallets were potentially exposed.
The firm described the attempt as a “potentially catastrophic supply chain attack”. In its blog post, Aikido stressed that the malicious code was injected into the client library developers use to interact with the XRP Ledger; the blockchain itself was not compromised, only the tooling around it.
The firm highlighted how wide the blast radius would have been had the backdoor gone unnoticed:
This package is used by hundreds of thousands of applications and websites, making it a potentially catastrophic supply chain attack on the cryptocurrency ecosystem.

A Potential Disaster
A backdoor is code that bypasses a program's normal security controls to give an attacker covert access to something they should not have; here, the private keys that applications hand to the library. Because the key leaves the user's machine, removing the bad version afterwards does not undo the exposure: any key handled by a backdoored build should be treated as compromised and rotated.
Moreover, Eriksen noted that the attacker did not just publish a single malicious version; they updated and refined the backdoor across multiple versions in an attempt to stay undetected:
From this, we can see that the attacker was actively working on the attack, trying different ways to insert the backdoor while remaining as hidden as possible, going from manually inserting the backdoor into the built JavaScript code to putting it into the TypeScript code and then compiling it down into the built version.


Code Pulled, dApps Unaffected
Luckily, the XRP Ledger Foundation confirmed that it had pulled the compromised versions of the package. Pulling a version from the registry does not clean up projects that already installed it, though: anyone building on XRPL should check their lockfiles and installed node_modules for the affected versions, not just rely on a fresh install being clean. Several high-profile projects within the ecosystem, including XRPScan, First Ledger, and Gen3 Games, said they were not affected by the incident.
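As an added example (this is not code from the article, from Aikido, or from the XRPL Foundation), here is a small Node.js script that audits a project's package-lock.json for installed copies of the xrpl package. It flags any copy pinned to a version on a block list, any copy resolved from somewhere other than the public npm registry, and any copy that has no integrity hash, and it walks nested installs because a bad copy can sit several levels deep as a transitive dependency. The block list, the sample lockfile and the `wallet-sdk` dependency inside it are constructed placeholders; the real compromised versions are the ones named in the Foundation's advisory, which this article does not list.

```javascript
// Added example (not code from the article, Aikido or the XRPL Foundation):
// audit a package-lock.json for copies of a package that resolve to a
// compromised version, come from somewhere other than the public registry,
// or lack an integrity hash. BAD_VERSIONS is a HYPOTHETICAL placeholder;
// substitute the versions listed in the official advisory.

const PACKAGE = 'xrpl';
const BAD_VERSIONS = ['9.9.1', '9.9.2'];          // placeholder, not real data
const TRUSTED_REGISTRY = 'https://registry.npmjs.org/';

// lockfileVersion 2 and 3 list every install under "packages", keyed by its
// path inside node_modules; lockfileVersion 1 nests a "dependencies" tree.
// Both layouts are handled so a copy several levels deep is not missed.
function collectEntries(lock, pkg) {
  const out = [];
  const record = (path, meta) =>
    out.push({ path, version: meta.version, resolved: meta.resolved, integrity: meta.integrity });

  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (meta.link) continue;                      // workspace symlink, not a registry install
      if (path === `node_modules/${pkg}` || path.endsWith(`/node_modules/${pkg}`)) record(path, meta);
    }
  } else if (lock.dependencies) {
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps)) {
        const path = `${prefix}node_modules/${name}`;
        if (name === pkg) record(path, meta);
        if (meta.dependencies) walk(meta.dependencies, `${path}/`);
      }
    };
    walk(lock.dependencies, '');
  }
  return out;
}

// Returns one finding per problem; an empty array means the lockfile is clean
// with respect to this package and this block list.
function auditLockfile(lock, pkg = PACKAGE, badVersions = BAD_VERSIONS) {
  const findings = [];
  for (const e of collectEntries(lock, pkg)) {
    if (badVersions.includes(e.version)) {
      findings.push({ path: e.path, version: e.version, issue: 'compromised version' });
    }
    if (e.resolved && !e.resolved.startsWith(TRUSTED_REGISTRY)) {
      findings.push({ path: e.path, version: e.version, issue: `resolved from untrusted source ${e.resolved}` });
    }
    if (!e.integrity) {
      findings.push({ path: e.path, version: e.version, issue: 'missing integrity hash' });
    }
  }
  return findings;
}

// CONSTRUCTED lockfile for the demo: a root install pinned to a block-listed
// version, plus a nested copy (under a hypothetical "wallet-sdk") pulled from
// an internal mirror without an integrity field.
const SAMPLE_LOCK = {
  name: 'demo-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', dependencies: { xrpl: '^9.9.0', 'wallet-sdk': '1.0.0' } },
    'node_modules/xrpl': {
      version: '9.9.2',
      resolved: 'https://registry.npmjs.org/xrpl/-/xrpl-9.9.2.tgz',
      integrity: 'sha512-PLACEHOLDER',
    },
    'node_modules/wallet-sdk': {
      version: '1.0.0',
      resolved: 'https://registry.npmjs.org/wallet-sdk/-/wallet-sdk-1.0.0.tgz',
      integrity: 'sha512-PLACEHOLDER',
    },
    'node_modules/wallet-sdk/node_modules/xrpl': {
      version: '9.8.0',
      resolved: 'https://mirror.internal.example/xrpl-9.8.0.tgz',
    },
  },
};

for (const f of auditLockfile(SAMPLE_LOCK)) {
  console.log(`${f.path}@${f.version}: ${f.issue}`);
}
```

To run it against a real project, replace SAMPLE_LOCK with `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` and fill BAD_VERSIONS from the advisory. A clean result only says what is pinned now; it cannot tell you whether a bad version was installed earlier and has since been upgraded away, which is why keys handled by an affected build should be rotated regardless.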
Despite the breach, the XRP price is up more than 6.9%, trading at US$2.22 (AU$3.48) according to CoinGecko, and 14% over the last two weeks. That is in line with the broader market, with many coins in the green, including Bitcoin (BTC) and Ethereum (ETH).
The cryptocurrency currently holds a market cap of over US$125B (AU$196B).