XRP Ledger Foundation discovers 'backdoor stealing cryptocurrency' in code library

The foundation stated that a software update package has been released to eliminate the security vulnerability.

The nonprofit XRP Ledger Foundation reported that it has identified a "serious vulnerability" in the official JavaScript library used to interact with the XRP Ledger blockchain network.

On April 22, blockchain security expert Aikido stated in a blog post that the open-source JavaScript library of XRP Ledger had been "compromised by sophisticated attackers inserting a backdoor to steal private keys of cryptocurrency and access cryptocurrency wallets".

The JavaScript library includes programs that allow developers to interact with the XRP Ledger and differentiates it from the blockchain network.

Aikido stated: "This package is used by hundreds of thousands of applications and websites, making it a potentially catastrophic supply chain attack on the cryptocurrency ecosystem".

XRP Ledger Foundation has upgraded its code repository to "remove the previously compromised version", according to a post on April 22 on platform X.

The report also added that several projects in the XRP Ledger ecosystem — including XRPScan, First Ledger, and Gen3 Games — have confirmed that they are not affected by this incident.

According to Theo CoinGecko, this token ended the trading day in the United States with an increase of over 3.5% despite the news of the security breach.

This token has a market capitalization of over 125 billion dollars and a fully diluted valuation of approximately 215 billion dollars.

84333400422