The XRP Ledger Foundation disclosed a major security flaw in the official JavaScript library used to interact with the XRP Ledger, warning that attackers inserted a backdoor to steal private keys and access crypto wallets.
In a blog post published April 22, blockchain security firm Aikido revealed that the open-source JavaScript package had been compromised by “sophisticated attackers” in what it described as a high-risk supply chain breach. The library is widely used by developers and integrated across hundreds of thousands of websites and applications.
“This package is used by hundreds of thousands of applications and websites, making it a potentially catastrophic supply chain attack on the cryptocurrency ecosystem,” Aikido wrote.
While the vulnerability does not affect the XRP Ledger blockchain itself, it put any applications relying on the JavaScript package at risk. The XRP Ledger Foundation has since patched the issue and pushed a clean version to the official code repository.
Several major XRP-related platforms, including XRPScan, First Ledger, and Gen3 Games, confirmed they were not impacted by the breach.
Despite the news, Ripple’s XRP’s price closed U.S. trading on April 22 up more than 3.5%, according to CoinGecko. The token now carries a market cap of over $125 billion, with a fully diluted valuation near $215 billion.
Launched in 2012, the XRP Ledger is one of the longest-standing blockchain networks, known for its focus on payments and institutional DeFi tools. The network has drawn increasing attention in recent months following President Trump’s re-election, which crypto investors have seen as a tailwind for friendlier regulation.
Since November, the Ripple’s token rose more than 300%. Asset managers have since filed proposals with the SEC to launch U.S.-listed ETFs tracking XRP. Just yesterday, Coinbase added XRP futures to its U.S. derivatives platform, signaling growing institutional interest.
Descubra mais sobre
Assine para receber nossas notícias mais recentes por e-mail.