The XRP Ledger Foundation has identified a 'serious vulnerability” in its official JavaScript library

On April 22, blockchain security specialist Aikido said in a blog post that XRP Ledger’s open-source JavaScript library was “compromised by sophisticated attackers”

The XRP Ledger Foundation has identified a “serious vulnerability” in the official JavaScript library used for interacting with the XRP Ledger blockchain network, the nonprofit said.

On April 22, blockchain security specialist Aikido said in a blog post that XRP Ledger’s open-source JavaScript library was “compromised by sophisticated attackers who put in a backdoor to steal cryptocurrency private keys and gain access to cryptocurrency wallets.”

The JavaScript library includes programs enabling developers to interact with the XRP Ledger and is distinct from the blockchain network itself.

“[T]his package is used by hundreds of thousands of applications and websites making it a potentially catastrophic supply chain attack on the cryptocurrency ecosystem,” Aikido said.

The XRP Ledger Foundation has already upgraded the code repository to “remove the previously compromised version,” it said in an April 22 post on the X platform.

We've identified a serious vulnerability in the official JavaScript library used for interacting with the XRP Ledger. This package is used by developers to integrate their applications with the XRP Ledger.

Several projects in the XRP Ledger ecosystem—including XRPScan, First Ledger, and Gen3 Games—have confirmed that they are not impacted by this incident.

The vulnerability has been patched, and the code repository has been upgraded to remove the previously compromised version.

The Foundation is committed to the security and stability of the XRP Ledger ecosystem. We are grateful to the researchers at Aikido for their swift discovery and disclosure of this vulnerability.

We will continue to monitor the situation and provide updates as needed.

— XRP Ledger Foundation (@XRPLF) April 22, 2024

It added that several XRP Ledger ecosystem projects — including XRPScan, First Ledger, and Gen3 Games — confirmed that they were not impacted by the incident.

The XRP token ended the US trading day up more than 3.5% despite news of the security breach, according to CoinGecko.

The token has a market capitalization of more than $125 billion and a fully diluted value of approximately $215 billion.

Institutional adoption

Launched in 2012, XRP Ledger is among the oldest blockchain networks and specializes in payments and decentralized finance (DeFi) applications for institutions.

It has been gaining prominence in recent months as a friendlier US regulatory environment paves the way for broader institutional adoption of the network’s token and ecosystem projects.

The XRP token’s price increased by upward of 300% after crypto-friendly US President Donald Trump prevailed in the November presidential election, according to CoinGecko.

Since then, several asset managers have asked the US Securities and Exchange Commission (SEC) to approve US-listed exchange-traded funds (ETFs) holding the XRP token.

On April 21, Coinbase listed futures contracts for the XRP token on its US derivatives exchange.

News data source: kdj.com

The above is the detailed content of The XRP Ledger Foundation has identified a 'serious vulnerability” in its official JavaScript library. For more information, please follow other related articles on the PHP Chinese website!