The xrpl.js library is maintained by the XRP Ledger Foundation ... Threat actors can use this information to import a stolen XRP wallet on their own devices to drain any funds within it.