Ripple Supply Chain Attack

XRP wallet's using the xrpl.js file likely have private keys compromised

I just found out today that hackers were able to change official XRP files used for web browser wallets and steal private keys and seed phrases.

This hack was discovered a week ago and any wallets using the xrpl.js file should be considered compromised and have all funds moved to a freshly downloaded and installed wallet.

As far as I can tell people using hardware wallets (another great reason to set one up!) were not affected, such as Trezor and Ledger Nano.

If you’d like help setting up a secure place to store your Ripple let me know and hopefully no one was affected by this attack. You can read more here - https://www.aikido.dev/blog/xrp-supplychain-attack-official-npm-package-infected-with-crypto-stealing-backdoor

Good luck and stay safe out there!
~Matt

---