Observe ZDNET: Add us as a most well-liked supply on Google.
ZDNET’s key takeaways
- Researchers have discovered a flaw in a chip frequent in Android telephones.
- The flaw permits fast entry and theft by way of a USB twine.
- Cybercrime concentrating on {hardware} safety flaws is on the rise.
A {hardware} safety flaw discovered in lots of Android telephones allowed white hat hackers to realize entry in below a minute, in keeping with a brand new report. From there, they accessed delicate person knowledge, together with messages and crypto pockets seed phrases.
The flaw might be exploited by merely connecting an affected Android machine to a laptop computer by way of a USB cable, in keeping with a Wednesday report revealed by Donjon, the analysis division of crypto safety {hardware} firm Ledger. The telephone’s PIN might then be mechanically brute-forced, its storage decrypted, and seed phrases from fashionable crypto wallets like Kraken Pockets and Phantom extracted.
Additionally: The best way to allow Superior Safety in your Android telephone – and why it’s important to take action
“So far as we might inform, this vulnerability has been current for a really very long time — in all probability a decade — and but had not to this point been found publicly,” Ledger CTO Charles Guillemet instructed ZDNET.
A flaw in almost 25% of Android telephones
The vulnerability is rooted within the {hardware}, mentioned Donjon, particularly in Trustonic’s trusted execution setting (TEE), a part of a tool’s processor designed to guard towards hacking, and in MediaTek chips. In response to one estimate, these chips are utilized in as many as one-quarter of all Android smartphones — principally cheaper variations.
Following what Guillemet describes as “months of intense reverse engineering efforts,” Donjon was capable of hack into the units by way of a safety flaw within the MediaTek chips’ “boot chain,” the sequence of cryptographic steps a tool runs by whereas booting up to make sure that all of its encrypted data is safe from an out of doors assault.
Additionally: Do not depend on your router’s USB port when these alternate options are much less susceptible to safety dangers
In about 45 seconds, earlier than the telephone’s working system has even completed totally loading, “an attacker can join over USB and extract the foundation cryptographic keys that shield Android’s full-disk encryption,” Donjon wrote in a press launch.
“We do not know if the actual vulnerability we found has been utilized by attackers up to now — there is not any proof of this,” says Guillemet. “Nevertheless it’s a secure wager that different vulnerabilities with comparable affect nonetheless exist.”
The best way to repair the issue
After being notified of the issue, MediaTek launched a firmware patch that machine producers, corresponding to Samsung, can embrace in safety updates for his or her telephones.
MediaTek revealed a safety incident report final week that included all chipsets discovered to be affected by the vulnerability first detected by Donjon. (Case quantity 2026-20435.) When you’re so inclined, you may seek for your telephone on GSMArena or Kimovil to see if it is constructed with one of many affected chipsets.
The best factor you are able to do, although — in your telephone’s safety and your personal peace of thoughts — is to be sure to’re updated in your telephone producer’s safety updates. Since MediaTek has shared the repair with its vendor companions, these producers ought to be together with it in a forthcoming safety replace in the event that they have not already.
A spike in cybercrime
Cybercrime has been on the rise recently, with hackers exploiting a number of entry factors.
On January 31, blockchain safety platform CertiK reported that greater than $370 million in crypto property had been stolen in that month alone on account of cybersecurity exploits. Of that complete determine, nevertheless, $284 million was misplaced in a single social engineering heist. In that incident, a single pockets holder was tricked by a phishing rip-off masquerading as buyer help into handing over their seed phrase.
Additionally: Your Android telephone simply obtained a robust anti-theft improve – and I am sighing in reduction
The brand new Donjon report highlights an more and more frequent point-of-entry for cybercriminals: {hardware} safety flaws. Android-targeting malware alone shot up by 67% in 2025 in comparison with the earlier 12 months, in keeping with a November 2025 report from IT safety agency Zscaler.
The surging use of AI has additionally been inflicting a spike in safety incidents, together with phishing scams and different assaults, in addition to inner mishaps arising from insufficient, organizationally imposed guardrails.
