Ripple: XRP Ledger SDK suffers security Breach
The XRP Ledger Foundation highlighted an unscrupulous exploit involving the JavaScript SDK is supposed to interface with the XRPL
Quick overview
- The XRP Ledger Foundation confirmed a serious vulnerability in the xrpl npm package, affecting versions 4.2.1-4.2.4 and 2.14.2.
- Wietse Wind, CEO of XRPL Labs, assured users that the Xaman Wallet was not affected due to its use of different libraries.
- The malicious code in the compromised package could send users' private keys to an attacker's server, risking their assets.
- Aikido Security identified the issue through automated monitoring, leading to the release of a safe NPM package by the XRP Ledger Foundation.
The XRP Ledger Foundation highlighted an unscrupulous exploit involving the JavaScript SDK is supposed to interface with the XRPL.
The XRP Ledger Foundation confirmed the problem.”Earlier today, a security researcher from @AikidoSecurity identified a serious vulnerability in the xrpl npm package (v4.2.1-4.2.4 and v2.14.2).”
About the breach, Wietse Wind, the CEO and founder of XRPL Labs, stated on Twitter that users should remain calm because Xaman Wallet was not subject to the vulnerability.
Wind elaborated that the product does not use xrpl.js but rather uses libraries it developed, called xrpl-client and xrpl-accountlib, whose structure is such that wallet connections are made without signing the transaction.
He further described how the incident unfolded, claiming that malicious code included in the xrpl.js package would send the attacker’s server private keys generated or imported by the user. This, in turn, enabled hackers to collect key pairs, wait for the wallets to be funded, and steal the assets.
Wind encouraged everyone who made an XRP wallet with the API or any related tool to consider it hacked and to move their assets as soon as possible.
The XRP Ledger Foundation made the SDK safe for developers to use by releasing a clean NPM package that eliminates the malicious code.
After its automated threat monitoring system identified questionable updates to the XRPL package on NPM, Aikido Security found the vulnerability. Five new versions that did not correspond to any official releases on the XRP Ledger’s GitHub repository were included in these updates, which were posted by a user going by the moniker “mukulljangid.”
After looking into it, Aikido discovered that the compromised versions had a malicious function called checkValidityOfSeed that, when users established a wallet, transferred private keys to the hacker’s server at 0x9c[.]xyz, potentially enabling them to steal their cryptocurrency.
- Check out our free forex signals
- Follow the top economic events on FX Leaders economic calendar
- Trade better, discover more Forex Trading Strategies
- Open a FREE Trading Account
Related Articles
Comments
Sidebar rates
Related Posts
Save
Join 350 000+ traders receiving Free Trading Signals
Alerts
Rates
Calendar
Signals