A potential security incident was averted after a hacker used a developer’s access token to inject malicious code into a critical toolkit used by applications on the XRP Ledger.
The compromise was uncovered by Charlie Eriksen, a researcher at Aikido Security, and it posed a considerable risk of a widespread supply chain attack affecting the cryptocurrency ecosystem.
Hacker Utilizes NPM Token to Distribute Infected Versions of xrpl.js on XRP Ledger
Aikido Security reported that the hacker gained access to a developer’s Node Package Manager (NPM) token, which enabled them to upload compromised versions of xrpl.js, the official JavaScript library for interfacing with the XRP Ledger.
With over 140,000 downloads each week, the library is integrated into hundreds of thousands of applications and websites, raising alarms about the potential breadth of the security breach.
Eriksen cautioned in a security update, “This could have been catastrophic,” pointing out that the vulnerability could have allowed attackers to steal private keys, endangering users’ crypto wallets.
The malicious payload was identified on April 21, as Aikido’s monitoring system flagged five versions of the package that were deemed suspicious.
We have discovered a backdoor in the official #xrpl NPM package. This back door steals private keys and sends them to attackers. The affected versions 4.2.1 – 4.2.4, if you are using an earlier version, do not upgrade. #crypto #malware #npm pic.twitter.com/wshcTFKjbR
— Aikido Security (@AikidoSecurity) April 22, 2025
Fortunately, notable XRP-related platforms such as Xaman Wallet and XRPScan confirmed they were not impacted by the breach.
The threat was primarily confined to third-party applications that had installed the compromised versions—specifically v4.2.1 through v4.2.4 and v2.14.2—during a brief period before the situation was mitigated.
The XRP Ledger Foundation acted quickly, deprecating the affected versions and releasing a patched update, v4.2.5, urging all developers utilizing xrpl.js to upgrade without delay.
The foundation reassured users that the core XRP Ledger codebase and its GitHub repository remained unaffected by the vulnerability, which was limited to the external JavaScript library.
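A lockfile check for the versions named above, as an added example that is not from the article, Aikido Security or the XRP Ledger Foundation: it scans a parsed package-lock.json (the nested lockfileVersion 1 layout and the flat 2/3 layout) for xrpl at 4.2.1 through 4.2.4 or 2.14.2, including transitive copies. The sample lockfile and the package names demo-wallet and pay-widget are constructed for illustration.

```javascript
// Versions this article names as compromised; 4.2.5 is the patched release.
const AFFECTED = new Set(['4.2.1', '4.2.2', '4.2.3', '4.2.4', '2.14.2']);

// Returns [{ path, version }] for every affected xrpl copy in a parsed lockfile.
function findAffectedXrpl(lock) {
  const hits = [];
  if (lock.packages) {
    // lockfileVersion 2/3: flat map keyed by install path.
    for (const [path, entry] of Object.entries(lock.packages)) {
      // "name" is set when the folder name differs from the package (aliases).
      const name = entry.name || path.split('node_modules/').pop();
      if (name === 'xrpl' && AFFECTED.has(entry.version)) {
        hits.push({ path, version: entry.version });
      }
    }
    return hits;
  }
  // lockfileVersion 1: nested "dependencies" tree, walked recursively.
  const walk = (deps, trail) => {
    for (const [name, entry] of Object.entries(deps || {})) {
      const path = `${trail}node_modules/${name}`;
      if (name === 'xrpl' && AFFECTED.has(entry.version)) {
        hits.push({ path, version: entry.version });
      }
      walk(entry.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, '');
  return hits;
}

// Constructed sample (not a real project): the direct dependency is on the
// patched release, but a transitive copy sits at an affected version.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-wallet', version: '1.0.0' },
    'node_modules/xrpl': { version: '4.2.5' },
    'node_modules/pay-widget': { version: '0.3.0' },
    'node_modules/pay-widget/node_modules/xrpl': { version: '4.2.3' },
  },
};

for (const hit of findAffectedXrpl(sampleLock)) {
  console.log(`AFFECTED xrpl@${hit.version} at ${hit.path}`);
}
```

To check a real project, pass the function the result of JSON.parse on that project's own package-lock.json; any hit should be moved to v4.2.5, the patched release named above.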
While the hacker’s identity is still unknown, Aikido Security mentioned they might have leads that are currently under investigation.
With today’s npm vulnerability, it’s a clear reminder about truly knowing what you’re using.
At Xaman, our track record speaks for itself.
We’ve been feature-complete, security-first from day one, building everything in-house.
No shortcuts.
This is what trust looks like. https://t.co/LH1nEFrlPH
— Robert @XamanWallet (@robertkiuru) April 22, 2025
Despite the scare, XRP demonstrated resilience, experiencing an 8.5% increase in value over the past 24 hours, coinciding with a broader rally in the cryptocurrency market.
SEC Lawsuit Against Ripple Labs Concludes After Four Years
The protracted legal battle between Ripple Labs and the U.S. Securities and Exchange Commission (SEC) has officially concluded, marking a pivotal development in the realm of cryptocurrency regulation.
In December 2020, the SEC initiated a lawsuit against Ripple Labs, alleging the company conducted an unregistered securities offering through the sale of XRP tokens, which reportedly raised over $1.3 billion.
Ripple countered the allegation, asserting that XRP should be classified as a digital currency rather than a security.
In July 2023, U.S. District Judge Analisa Torres issued a mixed ruling, determining that XRP’s sale to institutional investors violated securities laws, while sales executed on public exchanges did not qualify as such.
As a consequence, Ripple was ordered to pay a civil penalty of $125 million.
In March 2025, Ripple and the SEC reached an agreement that stipulated Ripple would pay $50 million of the previously imposed fine, with the remaining $75 million refunded to the company.
Both parties also agreed to withdraw their respective appeals, effectively bringing the litigation to a close.
The post Hacker Tries to Attack XRP Ledger Using Developer Access, Security Team Stops It appeared first on Finance Newso.