XRP Price Climbs Despite Major Breach in XRP Ledgers Official JavaScript Library
Today, XRP maintained its uptrend despite a significant security breach involving one of XRP Ledger's JavaScript libraries. Blockchain security firm Aikido identified the hack, revealing that a sophisticated attack had compromised the XRPL package on NPM. While it appeared official, it was in fact compromised and not reflected in GitHubs official release history. This security flaw exposed users to confirmed theft of private keys and compromised wallets. The official XRP Ledger foundation account on X confirmed the development. https://twitter.com/XRPLF/status/1914659876833284399XRP Price Remains ResilientDespite the serious security incident, XRPs price has shown resilience. As of today, XRP is trading at $2.27, reflecting a notable 8.14% increase in the last 24 hours and a 9.66% rise over the past seven days.Before today, XRP consolidated around the $2.00 to $2.14 range for the previous weeks. This surge in price suggests that market participants have not been significantly deterred by the security breach. Notably, the XRP uptrend aligns with the broader market recovery led by Bitcoin.Security Breach in NPM PackageFor context, Aikido researchers found that the malicious actors had inserted a backdoor into versions 4.2.1 to 4.2.4 and 2.14.2 of the XRPL NPM package. These versions, widely used across numerous applications and websites, made the package a potential target for a massive supply chain attack. The backdoor allowed attackers to capture private keys from cryptocurrency wallets. Aikido confirmed that attackers were able to steal the keys and send them to a designated external domain, 0x9c.xyz.The vulnerability was traced to a compromised NPM account with publish access to the official XRP Ledger package, associated with the username mukulljangid.This compromise allowed the backdoor into the package, putting thousands of crypto users at risk.Immediate Action and RecommendationsFollowing the discovery of the attack, Aikido issued urgent recommendations for users. They advised immediate cessation of use for versions 4.2.1 to 4.2.4 and 2.14.2 and suggested rotating private keys and seed phrases to prevent any ongoing theft.Researchers also recommended scanning network logs for connections to the malicious domain, 0x9c.xyz, as a precaution. Furthermore, Aikido emphasized the need to upgrade to the newly patched versions: 4.2.5 and 2.14.3, to ensure continued security and minimize further risks.Ripples foundation quickly responded, confirming that the compromised packages had been removed. Key projects, including XRPScan, Gen3 Games, and First Ledger, were not affected by the breach, offering some reassurance to the XRP community.https://twitter.com/XRPLF/status/1914726964151177644
Text source: The Crypto Basic
