XRP Ledger Foundation spots ‘crypto stealing backdoor’ in code library
The XRP Ledger Foundation has identified a “serious vulnerability” in the official JavaScript library used for interacting with the XRP Ledger blockchain network, the nonprofit said.
On April 22, blockchain security specialist Aikido said in a blog post that XRP Ledger’s open-source JavaScript library was “compromised by sophisticated attackers who put in a backdoor to steal cryptocurrency private keys and gain access to cryptocurrency wallets.”
The JavaScript library includes programs enabling developers to interact with the XRP Ledger and is distinct from the blockchain network itself.
‘“[T]his package is used by hundreds of thousands of applications and websites making it a potentially catastrophic supply chain attack…
