Charlie Eriksen from Aikido Security stated that the risk of exposure in the April 2025 XRP Ledger security incident was limited to projects that installed the compromised versions of the xrpl.js library shortly within a short window
Claim
Quotes that support claims
He noted that the potential attack would be limited to third-party services that updated to the malicious versions within a short window. The backdoor also appears to be limited only to versions of the code on Node Package Manager (NPM), a GitHub-like tool used by developers to share reusable JavaScript packages for Node.js projects. Several projects related to XRP, including Xaman Wallet and XRPScan, noted that their services are likely secure.
Referenced by
Summary
Crypto news
Data block
