A serious hacker attack on the security of the XRP Ledger ecosystem was thwarted thanks to the prompt intervention of the security team and the report of an expert researcher.Â
A hacker attempted to exploit a developer’s access token to introduce malicious code into one of the most used libraries for interacting with the XRP ledger: xrpl.js.
The attempted attack, if successful, could have turned into a supply chain attack on a large scale, potentially compromising hundreds of thousands of applications and websites that rely on this JavaScript library.
The key role of Aikido Security in the discovery of the vulnerability of the hacker attack on XRP Ledger
The threat was identified by Charlie Eriksen, a researcher at Aikido Security, who detected the anomaly on April 21st.
The company’s monitoring system has detected five suspicious versions of the xrpl.js package published via Node Package Manager (NPM), a platform widely used for the distribution of JavaScript packages.
The hacker managed to gain access to the NPM token of one of the developers, publishing compromised versions of the library: v4.2.1, v4.2.2, v4.2.3, v4.2.4, and v2.14.2.Â
These versions contained malicious code designed to potentially steal private keys, putting the security of crypto wallets at risk.
The xrpl.js library records over 140,000 weekly downloads, and is integrated into a vast number of applications and online services. According to Eriksen, if the malicious code had remained unnoticed for longer, the consequences could have been catastrophic.
Fortunately, key platforms of the XRP ecosystem like Xaman Wallet and XRPScan have confirmed that they were not affected, as they did not use the compromised versions.Â
The risk remained confined to third-party applications that had installed the infected versions during the brief time window before the issue was identified and contained.
The XRP Ledger Foundation promptly responded to the threat, declaring the compromised versions obsolete and releasing a corrected update: xrpl.js v4.2.5.Â
All developers have been invited to immediately update their projects to ensure the security of the entire ecosystem.
The foundation also clarified that the main source code of the XRP Ledger and the related GitHub repository were not affected, as the vulnerability was limited exclusively to the external JavaScript library.
Despite the attack being neutralized, the identity of the author remains still unknown. However, Aikido Security has hinted at having some investigative leads currently under further investigation.Â
The community remains on alert, while experts emphasize the importance of strengthening security measures related to the management of access tokens and the distribution of software packages.
The price of XRP withstands the impact and grows by 8.5%
Despite the alarm, the market reacted with surprising resilience. The price of XRP recorded an increase of 8.5% in the last 24 hours, in line with a broader bull rally of the cryptocurrency market.
This data suggests that investor confidence in the XRP infrastructure has not been shaken by the incident.
In parallel with the security incident, another important chapter for XRP has closed. The controversial legal case between Ripple Labs and the Securities and Exchange Commission (SEC) has finally concluded after more than four years.
Everything began in December 2020, when the SEC accused Ripple of conducting an unregistered securities offering, raising over 1.3 billion dollars through the sale of XRP tokens. Ripple has always maintained that XRP is a digital currency, not a financial security.
In July 2023, District Judge Analisa Torres issued a mixed ruling. That is, the sales of XRP to institutional investors were considered in violation of securities laws, while the sales on public markets were not.
Ripple was therefore ordered to pay a civil penalty of 125 million dollars.
“`html
The final agreement between Ripple and the SEC
“`
In March 2025, Ripple and the SEC reached a definitive agreement. Under the agreement, Ripple will pay 50 million dollars, while the remaining 75 million of the penalty will be returned to the company.Â
Both parties have agreed to withdraw their respective appeals, putting an end to the long legal dispute.
This agreement represents a crucial moment for the cryptocurrency sector, as it establishes an important precedent in the regulation of digital assets in the United States.
The episode of the cyber attack and the conclusion of the lawsuit with the SEC mark two fundamental moments for the future of XRP. On one hand, the rapid and coordinated response to the threat demonstrates the maturity of the security infrastructure of the ecosystem.Â
On the other hand, the end of the legal dispute with the SEC offers greater regulatory clarity, paving the way for new growth opportunities.
In a context where trust is a key element, XRP seems to have overcome two complex challenges. Thus strengthening its position in the bull and bear landscape of cryptocurrencies.