The Ripple cryptocurrency library xrpl.js was compromised by unknown threat actors as part of a software supply chain attack designed to collect and exfiltrate users' private keys.
The malicious activity was found to affect five different versions of the package: 4.2.1, 4.2.2, 4.2.3, 4.2.4 and 2.14.2. The issue was addressed in versions 4.2.5 and 2.14.3.
xrpl.js is a popular JavaScript API for interacting with the XRP Ledger blockchain, also called Ripple, a cryptocurrency platform launched by Ripple Labs in 2012. The package has been downloaded more than 2.9 million times to date, attracting more than 135,000 weekly downloads.
“The official XRPL NPM package was compromised by sophisticated attackers who put in a backdoor to steal cryptocurrency private keys and gain access to cryptocurrency wallets,” Charlie Eriksen of Aikido Security noted.
The malicious code changes were made by a user named “mukulljangid” on April 21, 2025, with the threat actors introducing a new function called checkValidityOfSeed, which is designed to transmit the stolen information to an external domain (“0x9c[.]xyz”).
It is worth noting that “mukulljangid” likely belongs to a Ripple employee, indicating that their npm account was hacked to carry out the supply chain attack.
The attacker is said to have tried different ways of inserting the backdoor while trying to avoid detection, as evidenced by the different versions released in a short period of time. There is no evidence that the associated GitHub repository was backdoored.
It is unclear who is behind the attack, but it is believed that the threat actors managed to steal the developer's access token to tamper with the library.
In light of the incident, users who rely on the xrpl.js library are advised to update their instances to the latest versions (4.2.5 and 2.14.3) to mitigate potential threats.
“This vulnerability is in xrpl.js, a JavaScript library for interacting with the XRP Ledger,” the XRP Ledger Foundation noted in a post on X. “This does not affect the XRP Ledger codebase or GitHub repository. Projects using xrpl.js should immediately update to v4.2.5.”