|
Getting your Trinity Audio player ready...
|
The XRP Ledger (XRPL) community is grappling with a newly discovered security vulnerability. A backdoor has been identified within the official XRPL NPM package, raising significant concerns among developers and users. This flaw reportedly has the potential to expose private keys, leading to the loss of funds.
Cybersecurity firm Aikido Security brought the issue to light through social media, revealing that the xrpl.js library, a crucial tool for building applications on the XRP Ledger, had been compromised. The firm stated that a hidden backdoor was present in versions 4.2.1 through 4.2.4 of the library. According to Aikido Security, this vulnerability could allow attackers to secretly extract users’ private keys, thereby jeopardizing their digital wallets. The initial warning was posted on April 22nd, prompting immediate action within the community.
Malicious Code Designed to Steal Sensitive User Data
Aikido Security accompanied their announcement with a screenshot allegedly showing a segment of the malicious code found in a file named new Striptest(). This file, as detailed in their report, appears to be designed to surreptitiously gather sensitive information from users and developers without their knowledge or consent. The revelation has sent ripples of concern throughout the cryptocurrency development landscape.
Following the alert on X, projects utilizing the affected versions of the xrpl.js library are being strongly urged to downgrade to a secure version immediately. Aikido Security further advised those using older versions to refrain from upgrading for the time being. The xrpl.js library’s presence on the widely used NPM platform amplifies the potential impact, as it is integrated into numerous crypto applications and tools.
Also Read: Ripple Exec Highlights XRP Ledger (XRPL’s) Role in $10B Daily Prime Brokerage with Hidden Road
Unaffected Platforms Issue Assurances Amidst Community Response
Security researchers and members of the digital asset community on X have actively joined efforts to disseminate the warning. It has been clarified that the core XRP Ledger itself remains unaffected by this vulnerability. However, apprehension has grown concerning projects and applications that rely on the compromised library, as they could inadvertently expose their users to significant risks. In response to the escalating concerns, the team behind the XRPScan explorer affirmed that their platform remains secure. They stated on X that XRPScan does not handle private keys and operates on an earlier, unaffected version of the xrpl.js library.
xrpscan is safe from this xrpl.js supply-chain vulnerability. We do not process private keys and use an older version of xrpl.js. For projects using xrpl.js, we recommend double checking the library versions asap, especially if any update was made recently. https://t.co/0sDmnqkBPb
— XRPScan (@xrpscan) April 22, 2025
Similarly, XRPL Labs, the developers of the Xaman Wallet, confirmed that their infrastructure does not depend on the vulnerable library. They also clarified that Xaman employs its own systems for managing private keys, ensuring the safety of their users’ assets. This incident underscores the paramount importance of rigorous security audits and thorough reviews of third-party tools within the cryptocurrency development ecosystem.
Disclaimer: The information in this article is for general purposes only and does not constitute financial advice. The author’s views are personal and may not reflect the views of Chain Affairs. Before making any investment decisions, you should always conduct your own research. Chain Affairs is not responsible for any financial losses.
I’m your translator between the financial Old World and the new frontier of crypto. After a career demystifying economics and markets, I enjoy elucidating crypto – from investment risks to earth-shaking potential. Let’s explore!
