![[The AI Show Episode 144]: ChatGPT’s New Memory, Shopify CEO’s Leaked “AI First” Memo, Google Cloud Next Releases, o3 and o4-mini Coming Soon & Llama 4’s Rocky Launch](https://www.marketingaiinstitute.com/hubfs/ep%20144%20cover.png)
![Is This Programming Paradigm New? [closed]](https://miro.medium.com/v2/resize:fit:1200/format:webp/1*nKR2930riHA4VC7dLwIuxA.gif)
-Classic-Nintendo-GameCube-games-are-coming-to-Nintendo-Switch-2!-00-00-13.png?width=1920&height=1920&fit=bounds&quality=70&format=jpg&auto=webp#)
_Wavebreakmedia_Ltd_FUS1507-1_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
![New iPhone 17 Dummy Models Surface in Black and White [Images]](https://www.iclarified.com/images/news/97106/97106/97106-640.jpg)
![Hands-On With 'iPhone 17 Air' Dummy Reveals 'Scary Thin' Design [Video]](https://www.iclarified.com/images/news/97100/97100/97100-640.jpg)
Ripple cryptocurrency software library hit by major security issue, wallets under threat
Malicious commits were uploaded to NPM but quickly removed.
- A malicious actor used a compromised Ripple dev account to publish commits to NPM
- The commits would grant access to people's crypto wallets
- They were downloaded around 450 times before being pulled down
A JavaScript library recommended by a major cryptocurrency company has been hijacked, with users now being at risk of losing access to their crypto wallets, as well as the funds stored inside.
Researchers warned omeone managed to break into a NPM account belonging to a developer associated with Ripple.
After breaking into the account, the threat actor modified the NPM JavaScript library named ‘xrpl.js”. Versions 2.14.2, 4.2.1, 4.2.2, 4.2.3, and 4.2.4 of the xrpl NPM package were modified and then published to NPM. The xrpl.js library is used to interact with the XRP Ledger (XRPL) from JavaScript applications, enabling developers to send transactions, check balances, and manage accounts on the network. It is maintained by the XRP Ledger Foundation and is Ripple’s recommended library for interacting with the XPR blockchain via JavaScript.
Keeper is a cybersecurity platform primarily known for its password manager and digital vault, designed to help individuals, families, and businesses securely store and manage passwords, sensitive files, and other private data.
It uses zero-knowledge encryption and offers features like two-factor authentication, dark web monitoring, secure file storage, and breach alerts to protect against cyber threats.
Preferred partner (What does this mean?)View Deal
GitHub not affected
Ripple is a cryptocurrency company that built XRP, currently the fourth biggest cryptocurrency. It is designed for cross-border payments and currency transfers, primarily for financial institutions. At press time, XRP has a market capitalization of $132.34 billion, and a daily transaction volume of $5 billion.
Before being pulled down, the malicious updates amassed 452 downloads. The latest version showing now is 4.2.5 and this one is clean. Users are advised to upgrade immediately. Usually, the library has more than 100,000 downloads a week.
The malicious commits are not found in the GitHub repository, which should mean the attack occurred during the NPM publishing process.
In the meantime, the XRP Ledger Foundation took to X to clarify that the XRP Ledger codebase and GitHub repository were not affected:
“To clarify: This vulnerability is in xrpl.js, a JavaScript library for interacting with the XRP Ledger. It does NOT affect the XRP Ledger codebase or Github repository itself. Projects using xrpl.js should upgrade to v4.2.5 immediately,” it said.
Xaman Wallet, XRPScan, First Ledger, and Gen3 Games projects were not affected.
Via BleepingComputer
You might also like
- Docker API servers being hit to spread cryptomining malware
- Take a look at our guide to the best authenticator app
- We've rounded up the best password managers
