XRP price remained on an upward trajectory today, even as a serious cybersecurity issue emerged involving the XRP Ledger’s official JavaScript library.
According to blockchain security experts at Aikido, a recent attack compromised the widely used XRPL package hosted on NPM. Although the library seemed authentic, it had been tampered with behind the scenes and this manipulation was not visible in GitHub’s public release history. This breach opened a critical vulnerability, exposing user wallets and private keys to confirmed theft.
The official XRP Ledger Foundation account acknowledged the incident and confirmed the breach via Twitter.
XRP Holds Strong Despite Security Concerns
Interestingly, XRP’s price showed remarkable resilience in the face of this major setback. Currently, XRP is trading at $2.27, marking a gain of 8.14% over the past 24 hours and a weekly increase of 9.66%.
In the weeks leading up to this incident, XRP had been hovering in the $2.00 to $2.14 price range. The latest upward momentum suggests that investors remain confident in the asset’s long-term potential. This bullish trend also mirrors the ongoing broader crypto market recovery, which has been largely driven by Bitcoin’s resurgence.
Backdoor in XRPL NPM Package Raises Alarms
Aikido’s investigation uncovered that certain published versions of the XRPL JavaScript package — specifically versions 4.2.1 through 4.2.4 and 2.14.2 — had been compromised with malicious code. These versions were in active use across many platforms, amplifying the threat of a supply chain-style attack targeting developers and users alike.
The attackers embedded a backdoor that allowed them to intercept private keys from unsuspecting wallets. The stolen data was then transmitted to an external malicious domain, identified as 0x9c.xyz.
Upon further analysis, it was discovered that the culprits gained access through a compromised NPM publisher account linked to the username ‘mukulljangid’. This unauthorized access enabled the modification of the package and its distribution to thousands of users, exposing a significant portion of the XRP community to potential breaches.
Community Response and Mitigation Measures
After the breach came to light, Aikido quickly issued critical advice to affected users. Their top recommendation: immediately discontinue using the affected package versions (i.e., 4.2.1 to 4.2.4 and 2.14.2). In addition, users were urged to regenerate or rotate their private keys and seed phrases to prevent ongoing exposure to risk.
Another important suggestion included reviewing network logs for any suspicious connections to the malicious endpoint 0x9c.xyz to identify if a system had been targeted. To secure wallets and apps moving forward, developers and users were advised to upgrade to the fixed versions of the library: 4.2.5 and 2.14.3.
The Ripple-backed XRP Ledger Foundation acted swiftly to remove the affected packages from the NPM registry. Furthermore, key ecosystem projects — including XRPScan, Gen3 Games, and First Ledger — were confirmed to be uncompromised, helping to ease concerns among XRP holders.
The XRP Ledger Foundation reiterated these updates publicly through a second post on X (formerly Twitter) for transparency and further guidance. You can view the update here.
While this incident underscores the persistent risks in software supply chains, the XRP network’s rapid response and the community’s ongoing trust have helped buoy the asset’s market price. As the situation continues to unfold, crypto users are advised to stay vigilant and implement robust security practices when integrating third-party libraries and dependencies.
