Crypto Times Logo Black
Google News Follow Banner
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • DeFi News
    • Blockchain News
    • Industry
  • Exclusive
    ExclusiveShow More
    Anthropic’s Claude Fable 5 Crypto Hacks
    Anthropic’s Claude Fable 5: The AI That Could Supercharge Crypto Hacks and Defenses
    CLARITY Act Stalls Why Senate's August Recess Puts US Crypto Rules at Risk
    CLARITY Act Stalls: Why Senate’s August Recess Puts US Crypto Rules at Risk
    Three Stories, One Pattern Why Binance Is Having Its Worst Week Since the Pardon
    Three Stories, One Pattern: Why Binance Is Having Its Worst Week Since the Pardon
    Coinbase India Head Addresses Re-Entry Launch Glitches and the 12-Month Roadmap
    Coinbase India Head Addresses Re-Entry Launch Glitches and the 12-Month Roadmap
    Inside the Trump Family’s $1.2B Crypto Windfall Who Paid the Price
    Inside the Trump Family’s $1.2B Crypto Windfall: Who Paid the Price?
  • Opinion
    OpinionShow More
    Why Wall Street is Divided Michael Saylor’s Scarcity vs. Tom Lee’s Staking Empire
    Why Wall Street is Divided: Michael Saylor’s Scarcity vs. Tom Lee’s Staking Empire
    The Arthur Hayes Paradox Macro Prophet or Market Opportunist
    The Arthur Hayes Paradox: Macro Prophet or Market Opportunist?
    RBI Denies Gold Sale Amid Oil Crisis: Could It Speed Up India's Digital Rupee Push?
    RBI Denies Gold Sale Amid Oil Crisis: Could It Speed Up India’s Digital Rupee Push?
    The CLARITY Act War Starts Jamie Dimon Vs Armstrong
    The CLARITY Act War Starts: Jamie Dimon Vs Armstrong
    Is Crypto Dying, or Is Pump.fun Turning It Into an Attention Casino
    Is Crypto Dying, or Is Pump.fun Turning It Into an Attention Casino?
  • Learn
    • Explained
    • How To
    • Insights
  • Videos
  • More
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
The Crypto TimesThe Crypto Times
  • All News
  • Market
  • Bitcoin
  • Ethereum
  • Altcoins
  • Regulations & Policies
  • Blockchain
  • DeFi
  • Industry
  • Exclusive
  • Opinion
Search
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • Blockchain
    • DeFi
    • Industry
    • Exclusive
    • Opinion
  • Learn
    • Explained
    • How To
    • Insights
  • Quick Links
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
    • AI Policy
    • Sponsored & Advertorial Policy
  • Videos
  • Glossary
Follow US
© 2026 By Crypto Times. All Rights Reserved.
Blockchain News

XRP Ledger Encounters Bug that Could’ve Put Network on Risk

Written By Gopal Solanky Gopal Solanky
Fact Checked by Vaibhav Jha Vaibhav Jha
Published 2025-04-23·Updated 1 year ago
Make The Crypto Times preferred on GoogleGoogle
Share
XRP Ledger Encounters a Severe Bug & Put Network on Risk

While XRP Ledger continues evolving with newer developments, one of its Javascript libraries has encountered a security vulnerability in a latest incident that could have put the whole network on severe security risk. 

The xrpl.js JavaScript library – which is a widely used tool for interacting with the XRP Ledger network—was found to have malicious code in some of the latest versions. This library is maintained by the XRP Ledger Foundation and recommended by Ripple for interacting with the XRP blockchain. 

Although the breach is now fixed by the team, repositories are updated with the latest patches. 

The vulnerability was first found by the blockchain security firm Aikido Security with the firm identifying a backdoor in versions 4.2.1 through 4.2.4 of the library. This breach could allow attackers to steal private keys and drain user wallets. 

🚨We have discovered a backdoor in the official #xrpl NPM package. This back door steals private keys and sends them to attackers. The affected versions 4.2.1 – 4.2.4, if you are using an earlier version, do not upgrade.#crypto #malware #npm pic.twitter.com/wshcTFKjbR

— Aikido Security (@AikidoSecurity) April 22, 2025

“This back door steals private keys and sends them to attackers,” said the Aikido team, adding “The affected versions 4.2.1 – 4.2.4, if you are using an earlier version, do not upgrade.”

According to Charlie Eriksen, a malware researcher at Aikido Security, this is a sophisticated supply chain exploit and it likely involved the compromise of a Ripple employee’s npm account under the username ‘mukulljangid.’

“The official XRPL (Ripple) NPM package was compromised by sophisticated attackers who put in a backdoor to steal cryptocurrency private keys and gain access to cryptocurrency wallets,” Charlie said in his analysis. 

The rapid release of multiple compromised versions in a short time frame suggests the attackers were testing methods to evade detection. This attack was aimed to siphon sensitive data such as private keys, wallet seeds, and mnemonics while transmitting them to an attacker-controlled domain, 0x9c[.]xyz. 

Fortunately, timely and urgent fix of the breach prevented any major distribution as the library boasts over 140,000 weekly downloads and many would have fallen victim to it. 

Also read: XRP Offers More Utility Than Bitcoin, Says Teucrium CEO

Disclaimer: The information researched and reported by The Crypto Times is for informational purposes only and is not a substitute for professional financial advice. Investing in crypto assets involves significant risk due to market volatility. Always Do Your Own Research (DYOR) and consult with a qualified Financial Advisor before making any investment decisions.

Follow The Crypto Times on Google News to Stay Updated!      Google News
Google News Banner

Share This Article
Whatsapp Whatsapp LinkedIn Telegram Copy Link
Gopal Solanky, Senior Reporter for Markets and Protocols at The Crypto Times
By Gopal Solanky Sr. Crypto Journalist
Follow:
Gopal Solanky is a Senior Reporter for Markets & Protocols at The Crypto Times, based in Ahmedabad. He covers institutional crypto adoption, Bitcoin treasury strategies, DeFi markets, protocol ecosystems, Ethereum network activity, Hyperliquid, on-chain trends, and broader digital asset market movements. Gopal has been active in the crypto ecosystem for more than six years. Before joining The Crypto Times full-time in 2023, he worked as a freelance crypto content writer, developing a strong understanding of blockchain infrastructure, DeFi protocols, market cycles, token mechanics, and peer-to-peer systems. His reporting focuses on explaining how protocols work, why market movements happen, and how institutional and on-chain activity affects crypto investors and builders. At The Crypto Times, Gopal also hosts on-the-record interviews with regional Web3 founders, protocol teams, and ecosystem leaders. His work has been cited by external publications, including Vulture.com, in coverage of major crypto stories such as the Hawk Tuah memecoin controversy. His reporting has also contributed to The Crypto Times’ coverage of major industry events, including FTX-related developments, institutional crypto adoption, and emerging protocol narratives. Gopal holds a Bachelor’s degree in Computer Applications, giving him a technical foundation for analyzing blockchain systems, crypto infrastructure, and market data.
Vaibhav Jha - Former Editor In The Crypto Times
By Vaibhav Jha
Vaibhav Jha is an Editor and Content Head at The Crypto Times. He comes on board with a vast array of experience working as a journalist for leading national and international English newspapers. He has a penchant for research and storytelling is his forte. When not working, Vaibhav can be found watching Hindi classic movies or listening to 90's music.

Latest News

French Couple Loses €1.5M in Crypto to Camera-Glasses 'Rip Deal' Scam
French Couple Loses €1.5M in Crypto to Camera-Glasses ‘Rip Deal’ Scam
Belgian Authorities Arrest 19-Year-Old in €500K Crypto Laundering Scheme
Belgian Authorities Arrest 19-Year-Old in €500K Crypto Laundering Scheme
Who Really Controls Open USD The Governance Questions Behind the Hype
Who Really Controls Open USD? The Governance Questions Behind the Hype
Germany’s Local Banks Open Crypto Trading to Millions of Retail Users
Germany’s Local Banks Open Crypto Trading to Millions of Retail Users
Anthropic’s Claude Fable 5 Crypto Hacks
Anthropic’s Claude Fable 5: The AI That Could Supercharge Crypto Hacks and Defenses

Find Us on Socials

You may also like

Justin Sun's TRON Activates Quantum-Resistant Signatures on Nile Testnet

Justin Sun’s TRON Activates Quantum-Resistant Signatures on Nile Testnet

RLUSD Hits Major XRPL Milestone as Supply Tops 50% on Network

RLUSD Hits Major XRPL Milestone as Supply Tops 50% on Network

Robinhood Chain Claims 4x Solana Speed With 100ms Blocks — But Do We Really Need Ultra-Fast Blockchains?

Robinhood Chain Claims 4x Solana Speed With 100ms Blocks — But Do We Really Need Ultra-Fast Blockchains?

StarkWare Says Starknet Has the Easiest Quantum Migration of Any Chain

StarkWare Says Starknet Has the Easiest Quantum Migration of Any Chain

The Crypto Times Logo PNG

Providing real-time, accurate Crypto reporting. Your trusted source for Crypto News and Research.

Stay Updated

All News
Exclusive
Opinions
Learn
Videos
Glossary

Company

About Us
Our Authors
Editorial Policy
AI Policy
Advertorial Policy

Get In Touch

Contact Us
Career

Find Us on Socials

X-twitter Linkedin Telegram Youtube Instagram

© 2026 The Crypto Times | A BITROCK TECHNOLOGIES L.L.C. Company.

DMCA.com Protection Status
  • Terms and Conditions
  • Disclaimer
  • Privacy Policy
  • Cookie policy
Do Not Sell or Share My Personal Information