The hacker infects Ripple’s XRP LEDGER software with a cripto “backdoor” – DL News
- The hacker is infected with official programmer software for Blicple’s XRP Ledger BlickCain.
- Since then, the malicious version of the software has been replaced by clean.
The hacker was jeopardized by a key BLICKCAIN programmers used on Monday, the BLICKCAIN, placing thousands of funds in risk, according to Aikido, the CRIPTO security firm.
Aikido discovered that Hacker infected official package manager KSRP XRP Ledger with malicious code at 20:53 at 20:53 on Monday.
The software uses “hundreds of thousands of applications and websites that makes it a catastrophic supply chain on cryptocurrency ecosystem,” Charlie Eriksen, Aikido security researcher said report.
New version
According to XRPL GitHub, the node package manager has been taken 140,000 times last week.
The software was updated To the new version designed to overcome compromised versions on Tuesday in the area at 21.m in the UK on Tuesday.
XRP LEDGER – or XRPL – is Ripple’s respond In rival public blockades such as Etherm and Solana. Uses some same software as Etherum and can support Smart contractsUnlike Main Blipple Blockain.
Defy apps on XRPL hold worth $ 80 million.
It is not clear how the hacker could replace XRPL software with malicious versions. It is also unclear how much users download or is affected by malware while still lived.
Ripple did not immediately respond to a comment request.
The incident increases concerns about the security level on the Ripple and KSRP book.
In January 2024. year, Ripple Co-founder Chris Larsen lost $ 112 million The value of XRP tokens in theft which has been since then tied On a compromise in the LastPass Softpass software company.
After the price of XRP increased about 294% over the past year, the stolen tokens are now worth $ 449 million.
The private key to theft
The compromise started when the user called Mukullljangid published five new versions of the KSRPL node package, without the appropriate edition at XRPL Github, something Eriksen said it was very suspicious.
Over several version updates, the hacker built-in code in the KSRPL software is designed to steal private keys like passwords approved access to crypto wallets.
If the hacker was to gain knowledge of these keys, they could use them to access crypto wallets and transfer funds without the permission of their owners.
Multiple versions updates show that the attacker “was actively working on attack, trying out various ways to insert the law, although it is possible as hiddenly,” Eriksen said.
In Cyber-tocas, Backdoor is a secret, an undocumented way to circumvent normal security measures to obtain unauthorized access to the system or network.
Eriksen said that malicious software was discovered by Aikido’s public threat that uses large language models for monitoring and identification whether the malicious code was added to new or existing software.
Last year, private key compromises made up the largest share of stolen crypto at 43.8%, according to a report From the Cripto Security company Lancaalis.
The CRAIG team is DL News’ Edinburgh correspondent based on Edinburgh. Reach with the tops on tim@dlnevs.com.
(Tagstotranslate) Ripple (T) Hacks
https://www.dlnews.com/resizer/v2/URV3E7RLNJA4BOZL2XQLLE4RYQ.jpg?smart=true&auth=862abae3ffbc083fd1dbad78d96e46a7381360af0cbf0ed9df307981bfe22506&width=1200&height=630
2025-04-22 19:18:00
