A potential security crisis was narrowly avoided after a hacker exploited a developer's access token to inject malicious code into a key tool used by applications on the XRP Ledger.
The vulnerability, identified by Aikido security researcher Charlie Eriksen, could have led to a large supply chain attack across the crypto ecosystem.
Hacker uses NPM token to publish malicious xrpl.js versions for XRP Ledger
According to Aikido Security, the attacker had access to a developer's Node Package Manager (NPM) token, allowing them to publish compromised versions of xrpl.js, the official JavaScript library for interacting with the XRP Ledger.
With more than 140,000 weekly downloads, the package is widely integrated into hundreds of thousands of applications and websites, raising concerns about the potential scale of the breach.
“It could have been catastrophic,” warned Eriksen in a security update, noting that the flaw theoretically allowed attackers to steal private keys, endangering crypto wallets.
The malicious code was detected on April 21, when Aikido's monitoring system flagged five suspicious package versions.
Fortunately, major XRP-related platforms such as Xaman Wallet and XRPScan confirmed that they were not affected.
The risk was limited to third-party applications that installed the compromised versions (v4.2.1 to v4.2.4 and v2.14.2) during a short window before the problem was contained.
The XRP Ledger Foundation responded quickly, deprecating the affected versions and releasing a patched update, v4.2.5, urging all developers using xrpl.js to upgrade immediately.
The foundation said that the core XRP Ledger code base and its GitHub repository remained intact, as the vulnerability was isolated to the external JavaScript library.
While the identity of the hacker remains unknown, Aikido Security has suggested it has leads under investigation.
Despite the scare, XRP's price has shown resilience, up 8.5% in the last 24 hours amid a wider rally in the crypto market.
The SEC lawsuit against Ripple Labs concludes after four years
The legal dispute between Ripple Labs and the U.S. Securities and Exchange Commission (SEC) ended after more than four years, marking a significant development in the regulation of cryptocurrencies.
In December 2020, the SEC filed a complaint against Ripple Labs, alleging that the company had conducted an unregistered securities offering by selling XRP tokens, raising more than $1.3 billion.
Ripple challenged the complaint, arguing that XRP is a digital currency, not a security.
In July 2023, U.S. District Judge Analisa Torres issued a mixed ruling: she determined that XRP sales to institutional investors violated securities laws, while sales on public exchanges did not.
Consequently, Ripple was ordered to pay a civil penalty of $125 million.
In March 2025, Ripple and the SEC reached a settlement. Under the agreement, Ripple would pay $50 million of the previously imposed fine, with the remaining $75 million returned to the company.
The two parties agreed to drop their respective appeals, effectively ending the dispute.
The post "Hacker tries to attack XRP Ledger using developer access, security team stops it" appeared first on Cryptonews.