XRP Ledger Foundation spots ‘crypto stealing backdoor’ in code library

The XRP Ledger Foundation has identified a “serious vulnerability” in the official JavaScript library used for interacting with the XRP Ledger blockchain network, the nonprofit said.

On April 22, blockchain security specialist Aikido said in a blog post that XRP Ledger’s open-source JavaScript library was “compromised by sophisticated attackers who put in a backdoor to steal cryptocurrency private keys and gain access to cryptocurrency wallets.” 

The JavaScript library includes programs enabling developers to interact with the XRP Ledger and is distinct from the blockchain network itself. 

‘“[T]his package is used by hundreds of thousands of applications and websites making it a potentially catastrophic supply chain attack on the cryptocurrency ecosystem,” Aikido said. 

The XRP Ledger Foundation has already upgraded the code repository to “remove the previously compromised version,” it said in an April 22 post on the X platform.

Aikido identified unusual code in XRP’s

Read More at https://cointelegraph.com/news/xrp-ledger-foundation-spots-crypto-stealing-backdoor-javascript-package?utm_source=rss_feed&utm_medium=rss&utm_campaign=rss_partner_inbound