Ripple’s recommended XRP library xrpl.js hacked to steal wallets
Published on: 2025-08-15 11:45:04
The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and private keys and transfer them to an attacker-controlled server, allowing threat actors to steal all the funds stored in the wallets.
Malicious code was added to versions 2.14.2, 4.2.1, 4.2.2, 4.2.3, and 4.2.4 of the xrpl NPM package and published to the NPM registry yesterday between 4:46 PM and 5:49 PM ET. These compromised versions have since been removed, and a clean 4.2.5 release is now available; all users should upgrade to it immediately.
The xrpl.js library is maintained by the XRP Ledger Foundation (XRPLF) and is Ripple's recommended library for interacting with the XRP blockchain via JavaScript. It enables wallet operations, XRP transfers, and other ledger features. Because it is the recommended library for interacting with the XRP blockchain, it has seen widespread adoption, with over 140,000 downloads over the past week.
The NPM library was modifi