Cell phone chipmaker MediaTek patched a vulnerability affecting its chipsets in January that might have allowed an attacker to steal crypto seed phrases on affected units utilizing only a USB cable and the best software program.
The flaw was found by Ledger’s white-hat safety workforce, Donjon, who had shared the vulnerability with MediaTek earlier than a patch was rolled out on Jan. 5, although customers who haven’t put in the most recent safety patches are suggested to take action, stated Ledger.
Take a look at gadget compromised in 45 seconds
In response to Ledger, the flaw got here from MediaTek’s safe boot chain, a safety mechanism constructed into its chips that ensures a cellphone begins safely and solely with approved software program throughout startup.
In a press release shared with Cointelegraph, Ledger defined that the flaw meant an attacker with entry to an Android cellphone may join it to a pc through USB and bypass safety protections, probably having access to delicate knowledge on the gadget, together with crypto pockets seed phrases.
Round 25% of Android telephones use the Trustonic Trusted Execution Surroundings (TEE) and MediaTek processors, which the safety flaw exploits.
Donjon demonstrated the hack by connecting a Nothing CMF Cellphone 1 to a laptop computer and compromising the gadget’s safety in roughly 45 seconds.
“With out ever even booting into Android, the exploit mechanically recovered the cellphone’s PIN, decrypted its storage, and extracted the seed phrases from the most well-liked software program wallets: Belief Pockets, Base, Kraken Pockets, Rabby, Tangem’s Cell Pockets and Phantom,” Ledger stated.
Whereas Ledger urged customers to replace their units, a Ledger spokesperson informed Cointelegraph they “don’t anticipate this to be an ongoing challenge.”
Cell phones are by no means secure, Ledger says
With nearly 36 million folks managing digital property on their telephones as of early 2025, even a single vulnerability may put a big variety of wallets in danger.
In December 2025, Ledger revealed that it examined an assault on the MediaTek Dimensity 7300 (MT6878), and bypassed its safety measures to achieve “full and absolute management over the smartphone, with no safety barrier left standing.”
Ledger chief know-how officer Charles Guillemet informed Cointelegraph in June 2020 that cell phones, whether or not Android or iPhone, are “very troublesome to have safe functions.”
Associated: SlowMist introduces Web3 safety stack for autonomous AI brokers
He strengthened an identical view on Wednesday, posting on X: “Smartphones aren’t constructed for safety. Even when powered off, person knowledge – together with pins & seeds – might be extracted in underneath a minute.”
“This analysis highlights a basic architectural distinction: Normal-purpose chips are constructed for comfort. Safe Components are constructed for key safety. A devoted Safe Component isolates secrets and techniques from the remainder of the system, defending them even underneath bodily assault,” he stated.
Journal: All 21 million Bitcoin is in danger from quantum computer systems