
The XRP Ledger ecosystem has faced a major security incident involving xrpl.js, the widely used JavaScript library published on npm for building against the XRP Ledger. The package was compromised in a software supply chain attack: the code injected into the affected builds stole private keys from applications that loaded it and sent them to the attackers, raising concern among developers and projects relying on the ledger.
The issue was initially flagged by Aikido Security and later confirmed by Ripple's CTO, David Schwartz. It affected specific versions published on npm: 4.2.1 through 4.2.4 and 2.14.2. Popular platforms such as Xaman Wallet and XRPScan confirmed they were not affected. Patched versions 4.2.5 and 2.14.3 were released, and developers on an affected version were urged to update immediately, while projects still on an earlier, unaffected version were warned not to upgrade into the affected range. Because the backdoor exfiltrated keys, any key handled by an application that ran one of the affected builds should be treated as exposed, not merely as a dependency that needs bumping.
🚨 We have discovered a backdoor in the official #xrpl NPM package. This backdoor steals private keys and sends them to attackers. The affected versions are 4.2.1 – 4.2.4; if you are using an earlier version, do not upgrade. #crypto #malware #npm pic.twitter.com/wshcTFKjbR
— Aikido Security (@AikidoSecurity) April 22, 2025
Moreover, security analysts and past documentation have repeatedly called out Ripple's practices around package distribution. Two concerns stand out: Git commits and release tags are not PGP-signed, so a consumer cannot tie a given release to a maintainer's key, and Ubuntu packages have been served over plain HTTP, which leaves a download open to substitution in transit unless every artifact is separately signed and checked by the client. Together these gaps make it hard to verify that the code a project pulls in is what the maintainers actually published.
Ripple Labs hosts its code on GitHub and encourages open-source contributions. However, without a signing mechanism for releases, projects depending on its tools have no way to tell a legitimate build from one substituted somewhere in the delivery path, whether at the registry, on a mirror, or on the wire.
Bitcoin developer Peter Todd weighed in following the breach. In a recent post on X (formerly Twitter), he highlighted that he had warned about these risks over ten years ago. Todd criticized Ripple for continuing to ignore calls for PGP signing and other security best practices, suggesting that this very issue could have been avoided with stronger code verification measures.
10 years after I pointed out the risk of a Ripple backdoor due to Ripple not PGP signing their software or providing any other way to get it securely… there's a Ripple backdoor due to an npm compromise. 😂 https://t.co/5Z3x68KeB5 pic.twitter.com/IkR3sG3pfd
— Peter Todd (@peterktodd) April 23, 2025
Furthermore, the XRP Ledger Foundation issued a statement confirming that the compromise is confined to the xrpl.js npm package. They clarified that the XRP Ledger's core codebase and its GitHub repositories remain unaffected. Still, the event underscores the importance of secure release practices for libraries that handle signing keys: a client library with access to private keys is exactly the component a supply chain attacker will target.