Latest news with #NodePackageManager
Yahoo
29-04-2025
- Business
- Yahoo
How Critical XRP Ledger Software Got Compromised With Crypto-Stealing 'Backdoor' In 'Potentially Catastrophic Supply Chain Attack'
Benzinga and Yahoo Finance LLC may earn commission or revenue on some items through the links below. XRP holders have been targeted in 'a potentially catastrophic' exploit. Efforts to identify the bad actor are underway. The XRP Ledger Foundation has responded to the situation, but some projects may have already been affected. XRP, the cryptocurrency associated with blockchain payments firm Ripple, has increasingly been in the limelight in recent months amid an impressive run of form and regulatory wins. Over the past 24 hours, the project has again grabbed headlines, but not for the reasons users would like. XRP holders have been targeted in 'a potentially catastrophic' exploit. Aikido Security, a security platform for developers, on Tuesday reported that the official software development kit of the XRP Ledger, the blockchain underpinning the cryptocurrency, had been compromised in an exploit that likely put millions of user assets at risk. Don't Miss: — no wallets, just price speculation and free paper trading to practice different strategies. Grow your IRA or 401(k) with Crypto – . 'This package is used by hundreds of thousands of applications and websites making it a potentially catastrophic supply chain attack on the cryptocurrency ecosystem,' Aikido Malware researcher Charlie Erikson wrote. Specifically, a bad actor released malicious versions of the software disguised as updates on the Node Package Manager registry, a website used to manage JavaScript software packages, to compromise projects leveraging the package to build and run applications on the XRPL with crypto-stealing malware. Aikido said that its systems started flagging the exploit at 20:53 UTC on Monday when a user with the moniker 'mukulljangid' started releasing new versions of the SDK on NPM. But the firm could not match these releases to corresponding versions on the official GitHub, raising red flags. On further investigation, Aikido said it found that the new version releases contained malicious code that created a backdoor for attackers to steal user private keys, which they could use to gain unauthorized access to wallets. Trending: New to crypto? on Coinbase. According to Aikido, the attacker appeared to improve the sophistication of the exploit with each version release: 'Going from manually inserting the backdoor into the built JavaScript code, into putting it into the TypeScript code and then compiling it down into the built version.' Explaining how the bad actor accessed the XRPL SDK NPM in the first place, Aikido said that a developer's access token must have been stolen, though it is currently unclear how. The firm also said it had 'a hunch' on who the bad actors might be but was trying to confirm. The XRP Ledger Foundation has since deprecated the malicious version releases on NPM and released two new versions of the SDK to override the compromised packages. The team has also promised a full post-mortem. Aikido urged projects using the SDK to inspect their network logs to ensure they were not been compromised. 'If you believe that you may have been impacted, it's important to assume that any seed or private key that was processed by the code has been compromised. Those keys should no longer be used, and any assets associated with them should be moved to another wallet/key immediately,' Erikson wrote. Decentralized applications on the XRP Ledger hold over $80 million in user assets. Read Next: A must-have for all crypto enthusiasts: . Maximize saving for your retirement and cut down taxes: . Image: Shutterstock Send To MSN: 0 This article How Critical XRP Ledger Software Got Compromised With Crypto-Stealing 'Backdoor' In 'Potentially Catastrophic Supply Chain Attack' originally appeared on
Yahoo
29-04-2025
- Business
- Yahoo
How Critical XRP Ledger Software Got Compromised With Crypto-Stealing 'Backdoor' In 'Potentially Catastrophic Supply Chain Attack'
Benzinga and Yahoo Finance LLC may earn commission or revenue on some items through the links below. XRP holders have been targeted in 'a potentially catastrophic' exploit. Efforts to identify the bad actor are underway. The XRP Ledger Foundation has responded to the situation, but some projects may have already been affected. XRP, the cryptocurrency associated with blockchain payments firm Ripple, has increasingly been in the limelight in recent months amid an impressive run of form and regulatory wins. Over the past 24 hours, the project has again grabbed headlines, but not for the reasons users would like. XRP holders have been targeted in 'a potentially catastrophic' exploit. Aikido Security, a security platform for developers, on Tuesday reported that the official software development kit of the XRP Ledger, the blockchain underpinning the cryptocurrency, had been compromised in an exploit that likely put millions of user assets at risk. Don't Miss: — no wallets, just price speculation and free paper trading to practice different strategies. Grow your IRA or 401(k) with Crypto – . 'This package is used by hundreds of thousands of applications and websites making it a potentially catastrophic supply chain attack on the cryptocurrency ecosystem,' Aikido Malware researcher Charlie Erikson wrote. Specifically, a bad actor released malicious versions of the software disguised as updates on the Node Package Manager registry, a website used to manage JavaScript software packages, to compromise projects leveraging the package to build and run applications on the XRPL with crypto-stealing malware. Aikido said that its systems started flagging the exploit at 20:53 UTC on Monday when a user with the moniker 'mukulljangid' started releasing new versions of the SDK on NPM. But the firm could not match these releases to corresponding versions on the official GitHub, raising red flags. On further investigation, Aikido said it found that the new version releases contained malicious code that created a backdoor for attackers to steal user private keys, which they could use to gain unauthorized access to wallets. Trending: New to crypto? on Coinbase. According to Aikido, the attacker appeared to improve the sophistication of the exploit with each version release: 'Going from manually inserting the backdoor into the built JavaScript code, into putting it into the TypeScript code and then compiling it down into the built version.' Explaining how the bad actor accessed the XRPL SDK NPM in the first place, Aikido said that a developer's access token must have been stolen, though it is currently unclear how. The firm also said it had 'a hunch' on who the bad actors might be but was trying to confirm. The XRP Ledger Foundation has since deprecated the malicious version releases on NPM and released two new versions of the SDK to override the compromised packages. The team has also promised a full post-mortem. Aikido urged projects using the SDK to inspect their network logs to ensure they were not been compromised. 'If you believe that you may have been impacted, it's important to assume that any seed or private key that was processed by the code has been compromised. Those keys should no longer be used, and any assets associated with them should be moved to another wallet/key immediately,' Erikson wrote. Decentralized applications on the XRP Ledger hold over $80 million in user assets. Read Next: A must-have for all crypto enthusiasts: . Maximize saving for your retirement and cut down taxes: . Image: Shutterstock Send To MSN: 0 This article How Critical XRP Ledger Software Got Compromised With Crypto-Stealing 'Backdoor' In 'Potentially Catastrophic Supply Chain Attack' originally appeared on
