Android Phone Crypto Wallets Could Be at Risk Due to MediaTek Exploit: Ledger
A vulnerability in some Android smartphones with MediaTek processors allows attackers to extract encrypted user data in less than a minute via USB, using an exploit discovered by Ledger’s security team. By targeting the device’s secure boot chain, attackers can extract cryptographic keys before the operating system loads, enabling offline decryption of the phone’s storage. In demonstrations with the Nothing CMF Phone 1, PINs, storage contents, and cryptocurrency wallet seed phrases were recovered in under 45 seconds, even when the phone was powered off. This exploit potentially affects millions of devices from brands including Samsung, Motorola, Xiaomi, and others, though the full list of vulnerable models is unclear. The vulnerability not only threatens crypto wallets but could also expose messages, financial data, photos, and account credentials. Ledger notes that software wallets on general-purpose phone chips are more exposed to such attacks, while hardware wallets and devices with dedicated Secure Elements offer greater protection by isolating sensitive information. The vulnerability was disclosed to MediaTek and has since been made public.
