Ripple has issued a warning about malicious code found in recent versions of the xrpl.js library, which could threaten the security of users' cryptocurrency wallets.
Detection of Malicious Code
David Schwartz, chief technical officer at Ripple, has taken to social media to warn users about the compromise of the xrpl.js library used by XRPL developers. Earlier today, Aikido Security announced that the XRPL package on NPM had been compromised. Some new versions of the software contained malicious code that was not part of the official GitHub repository.
Impact on Users
The malicious code could secretly send private keys to an unknown domain. Consequently, the cryptocurrency wallets of users who installed the compromised versions of the SDK might be at risk. However, regular XRP users relying on well-known applications like Xumm are unlikely to be affected.
Precautionary Measures and Conclusions
It is worth noting that the dangerous versions have already been removed by official maintainers at the XRP Ledger Foundation. The security of the XRP Ledger itself has not been compromised. 'XRPL is fine; it is the developer SDK that was compromised,' Aikido Security clarified. GitHub remains safe, while only NPM was compromised. Aikido Security has stated that it is investigating the threat actors involved.
Thus, despite concerns regarding the xrpl.js library, the security of the XRP Ledger remains high. Users should exercise caution and monitor the versions of libraries they are using.
