Supply Chain Attack Targets XRP Ledger SDK: Backdoor Steals Private Keys

2025-04-22

On April 21st, Aikido Intel detected five new versions of the official XRP Ledger SDK (the xrpl package) containing malicious code. Attackers inserted a backdoor into the official npm package to steal cryptocurrency private keys and gain access to cryptocurrency wallets. Because the package is so widely used, the compromise had the potential to become a catastrophic supply chain attack. The malicious code sends private keys to a newly registered domain, 0x9c[.]xyz. The attackers refined their approach iteratively, starting with modifications to the bundled JavaScript code and progressing to altering the TypeScript source before compilation, to obscure their actions. This attack highlights the vulnerability of software supply chains.
