and XRP LEDGER (XRPL) The auditor warned projects and developers that the network is at risk. He revealed some critical problems on the network, which exposes users and their money to the risk of exploitation.
The auditor warns that the Professor XRP book is at risk
in X postTell the Vet Vet Vet of XRP LEDGER developer and network projects that use the XRPL JS library not to update or use any version 4.2.1 or higher, as it was penetrated. He pointed out that any project is used The latest version of XRPL Users and funds are at risk of attacking from infiltrators.
Vet Warning was a response to the participation of Aikido Security, and they stated that they had discovered a rear door in the official LEDGER NPM package. Blockchain security company added that this back door steals the special keys and sends it to the attackers. The affected versions are 4.2.1 and 4.2.4, so developers and projects should not upgrade these versions.
Ripple technology official (CTO) David Schwartz He also commented on a professor’s notebook, noting that it was just the NPM XRPL.js of the NPM that was hacked. It was also alluded to a post by the great software engineer at Ripple Mayukha Vadari. Fadari stated that the professor’s book himself is not affected by harmful programs.
The engineer emphasized that the packages of harmful programs only affect the services that use XRPL.Js and were promoted to the harmful versions that were published about a day ago. He added that Gabbap is still safe, as NPM was only penetrated. Fadari urged users to avoid services that have access to their own keys and seed phrases until they confirmed that these services are not affected by these malware.
XRPL provides update
the XRP Ledger Foundation He also submitted an update on the status of malware. In the X Publication, the Foundation explained that the weakness in XRPL.js, the Javascript Library to interact with XRPL. They also mentioned that the weakness does not affect the base of the network code or the GitHub warehouse itself. Meanwhile, the Foundation urged projects using XRPL.js to upgrade to V4.2.5 immediately.
The XRP LEDGER Foundation has also confirmed in the thread that it had neglected XRPL.js versions at risk on NPM. They stated that they would participate in the detailed death after death soon and again, and the projects and developers have urged to ensure that they use the 4.2.5 or 2.14.3 versions.
In another X post, the Foundation announced that it had published an updated NPM package for 2.14.X branch users to remove the previously displayed version. They asked this XRP LEDGER Users to update immediately to version 2.14.3 to prevent attack.
Distinctive image from YouTube, Chart from TradingView.com
Editing process For Bitcoinist, it is focused on providing accurate, accurate and non -biased content. We support strict resource standards, and each page is subject to a diligent review by our team of senior technology experts and experienced editors. This process guarantees the integrity of our content, importance and value of our readers.
