MediaTek Patches Bug Allowing Attackers To Steal Crypto Seeds


Mobile phone chipmaker MediaTek patched a vulnerability affecting its chipsets in January that could have allowed an attacker to steal crypto seed phrases on affected devices using only a USB cable and the right software.

The flaw was discovered by Ledger’s white-hat security team, Donjon, which shared the vulnerability with MediaTek before a patch was rolled out on Jan. 5, though users who haven’t installed the latest security patches are advised to do so, said Ledger.

Test device compromised in 45 seconds

According to Ledger, the flaw came from MediaTek’s secure boot chain, a security mechanism built into its chips that ensures a phone starts safely and only with authorized software during startup.

In a statement shared with Cointelegraph, Ledger explained that the flaw meant an attacker with access to an Android phone could connect it to a computer via USB and bypass security protections, potentially gaining access to sensitive data on the device, including crypto wallet seed phrases.

Source: Charles Guillemet

Around 25% of Android phones use the Trustonic Trusted Execution Environment (TEE) and MediaTek processors, which the security flaw exploits.

Donjon demonstrated the hack by connecting a Nothing CMF Phone 1 to a laptop and compromising the device’s security in roughly 45 seconds.

“Without ever even booting into Android, the exploit automatically recovered the phone’s PIN, decrypted its storage, and extracted the seed phrases from the most popular software wallets: Trust Wallet, Base, Kraken Wallet, Rabby, Tangem’s Mobile Wallet and Phantom,” Ledger said.

While Ledger urged users to update their devices, a Ledger spokesperson told Cointelegraph they “don’t expect this to be an ongoing issue.”

Mobile phones are never safe, Ledger says

With nearly 36 million people managing digital assets on their phones as of early 2025, even a single vulnerability could put a significant number of wallets at risk.

In December 2025, Ledger revealed that it tested an attack on the MediaTek Dimensity 7300 (MT6878), and bypassed its security measures to gain “full and absolute control over the smartphone, with no security barrier left standing.”

Ledger chief technology officer Charles Guillemet told Cointelegraph in June 2020 that mobile phones, whether Android or iPhone, are “very difficult to have secure applications.”

He reinforced a similar view on Wednesday, posting on X: “Smartphones aren’t built for security. Even when powered off, user data – including pins & seeds – can be extracted in under a minute.”

“This research highlights a fundamental architectural difference: General-purpose chips are built for convenience. Secure Elements are built for key protection. A dedicated Secure Element isolates secrets from the rest of the system, protecting them even under physical attack,” he said.