The Foundation announced that a patch has already been released to fix this security vulnerability.
The XRP Ledger Foundation identified a 'critical vulnerability' in the official JavaScript library used to interact with the XRP Ledger blockchain network, according to a statement released by the nonprofit organization.
On April 22, Aikido, a blockchain security specialist, indicated in a blog post that the open-source JavaScript library of the XRP Ledger had been 'compromised by sophisticated attackers who set up a backdoor to steal cryptocurrency private keys and access wallets.'
This JavaScript library contains programs that allow developers to communicate with the XRP Ledger network. It is distinct from the blockchain infrastructure itself.
According to Aikido, 'this package is used by hundreds of thousands of applications and websites, making it a potentially catastrophic attack for the entire crypto supply chain.'
The XRP Ledger Foundation announced on X (formerly Twitter) on April 22 that it had updated the code repository to remove the compromised version.
The Foundation clarified that several projects in the XRP Ledger ecosystem — including XRPScan, First Ledger, and Gen3 Games — have confirmed they were not affected by this incident.
Launched in 2012, the XRP Ledger network is one of the oldest blockchain projects. It specializes in payments and decentralized finance (DeFi) applications aimed at institutions.
The project has gained visibility in recent months, benefiting from a more favorable regulatory environment in the United States, which facilitates the institutional adoption of its token and ecosystem.
According to CoinGecko, the price of XRP surged by more than 300% after pro-crypto President Donald Trump's victory in the November presidential election.
Since then, several asset managers have requested permission from the U.S. Securities and Exchange Commission (SEC) to launch XRP-based ETFs.
On April 21, Coinbase began offering futures contracts on XRP through its U.S. platform dedicated to derivative products.