The XRP Ledger Foundation has identified a “serious vulnerability” in the official JavaScript library used for interacting with the XRP Ledger blockchain network, the nonprofit said.

On April 22, blockchain security specialist Aikido said in a blog post that XRP Ledger’s open-source JavaScript library was “compromised by sophisticated attackers who put in a backdoor to steal cryptocurrency private keys and gain access to cryptocurrency wallets.” 

The JavaScript library includes programs enabling developers to interact with the XRP Ledger and is distinct from the blockchain network itself. 

‘“[T]his package is used by hundreds of thousands of applications and websites making it a potentially catastrophic supply chain attack on the cryptocurrency ecosystem,” Aikido said. 

The XRP Ledger Foundation has already upgraded the code repository to “remove the previously compromised version,” it said in an April 22 post on the X platform.

Aikido identified unusual code in XRP’s JavaScript package. Source: Aikido

Related: Coinbase Derivatives lists XRP futures

It added that several XRP Ledger ecosystem projects — including XRPScan, First Ledger, and Gen3 Games — confirmed that they were not impacted by the incident. 

The XRP (XRP) token ended the US trading day up more than 3.5% despite news of the security breach, according to CoinGecko. 

The token has a market capitalization of more than $125 billion and a fully diluted value of approximately $215 billion. 

XRP’s token price on April 22. Source: CoinGecko

Institutional adoption

Launched in 2012, XRP Ledger is among the oldest blockchain networks and specializes in payments and decentralized finance (DeFi) applications for institutions. 

It has been gaining prominence in recent months as a friendlier US regulatory environment paves the way for broader institutional adoption of the network’s token and ecosystem projects. 

The XRP token’s price increased by upward of 300% after crypto-friendly US President Donald Trump prevailed in the November presidential election, according to CoinGecko. 

Since then, several asset managers have asked the US Securities and Exchange Commission (SEC) to approve US-listed exchange-traded funds (ETFs) holding the XRP token. 

On April 21, Coinbase listed futures contracts for the XRP token on its US derivatives exchange. 

Magazine: Crypto ‘more taboo than OnlyFans,’ says Violetta Zironi, who sold song for 1 BTC