Ripple NPM supply chain attack hunts for private keys
Briefly

The xrpl NPM package was compromised: five versions were infected with backdoors aimed at stealing users' private keys, leaving their cryptocurrency wallets vulnerable. The attack was discovered by Aikido, and affected versions include 4.2.1 through 4.2.4 and 2.14.2. Despite the potential risk, version 2.14.2 is deemed less likely to be exploited. Users are advised to assume their keys may be compromised, rotate them, and secure their funds to mitigate risks. A critical CVE identifier has been assigned to this vulnerability, highlighting its severity, but the entry lacks detailed specifics.
The sophisticated attack on the xrpl NPM package involved backdoors designed to steal users' private keys, placing cryptocurrency funds at significant risk.
Developers using compromised xrpl versions should immediately rotate their private keys and consider moving funds to secure wallets to protect against potential theft.
Security researchers were alerted to potential misuse when they noticed new versions appearing on NPM that did not correspond to releases on XRPL's GitHub.
Aikido discovered the attack, which included backdoors in multiple xrpl versions; users of these compromised releases must now assume the associated risks apply to them.
Read at The Register