Home Finance SKN | MediaTek Fixes Security Flaw That Could Expose Crypto Seed Phrases in Seconds
Finance

SKN | MediaTek Fixes Security Flaw That Could Expose Crypto Seed Phrases in Seconds

Share
Share

Key Points

  • MediaTek patched a vulnerability that could allow attackers to steal crypto seed phrases from smartphones in under a minute.
  • The flaw exploited the chipmaker’s secure boot chain and could be triggered using a USB connection.
  • Security researchers urge users to install the latest device updates to remain protected.

Mobile chip manufacturer MediaTek has patched a security flaw that could have allowed attackers to extract cryptocurrency seed phrases from certain Android devices in as little as 45 seconds.

The vulnerability was discovered by the security research team Donjon, which operates under the crypto hardware wallet company Ledger.

After identifying the flaw, the researchers privately disclosed it to MediaTek, which released a security patch on Jan. 5. Users who have not installed the latest updates are being urged to update their devices as soon as possible.

Exploit Targeted the Secure Boot Process

The vulnerability was linked to MediaTek’s secure boot chain — a mechanism designed to ensure that smartphones start with authorized software and maintain system integrity during the startup process.

Researchers found that an attacker with physical access to a phone could connect the device to a computer through a USB cable and bypass several of the phone’s built-in security protections.

Once the exploit was triggered, it could potentially allow access to sensitive information stored on the device, including cryptocurrency wallet seed phrases.

Demonstration Showed Rapid Device Compromise

Ledger’s research team demonstrated the exploit using a Nothing CMF Phone 1 connected to a laptop.

According to the researchers, the attack allowed them to recover the phone’s PIN, decrypt the device’s storage and extract seed phrases from multiple popular crypto wallets — all without the phone fully booting into the Android operating system.

Among the affected applications were wallets such as Trust Wallet, Phantom and Rabby Wallet.

Millions of Devices Potentially Impacted

The vulnerability could affect devices using MediaTek processors and the Trustonic Trusted Execution Environment.

Researchers estimate that roughly a quarter of Android smartphones rely on this architecture, meaning a large number of devices could theoretically be vulnerable if they remain unpatched.

Because millions of people store cryptocurrency wallets on their phones, even a single security flaw can potentially expose a significant number of digital assets.

Security Experts Warn About Mobile Wallet Risks

Ledger security experts say the incident highlights the inherent security challenges associated with using general-purpose smartphones to store sensitive cryptographic keys.

According to Charles Guillemet, smartphones are not specifically designed to protect cryptographic secrets under physical attack.

Dedicated hardware wallets instead rely on specialized secure elements that isolate private keys from the rest of the system, reducing the risk of extraction even if a device is compromised.

While MediaTek has already released a patch addressing the flaw, experts recommend keeping mobile devices updated and exercising caution when storing cryptocurrency keys on smartphones.

Comparison, examination, and analysis between investment houses

Leave your details, and an expert from our team will get back to you as soon as possible

    Share

    Leave a comment

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    Don't Miss

    SKN | Last-Minute MiCA Approvals Complete Europe’s New Crypto Licensing Era

    Key Points • European regulators issued a final wave of MiCA licenses as the EU’s transitional period officially ended on July 1. •...

    SKN | Strategy’s Capital Restructuring Eases ‘Death Spiral’ Concerns but Leaves Bitcoin Exposure in Focus

    Key Takeaways Strategy’s revised capital structure is designed to improve financial flexibility and reduce concerns over forced asset sales during periods of Bitcoin...

    Related Articles

    SKN | XRP Slides 22% in One Month as Investors Assess the Next Phase for Ripple’s Token

    XRP has declined approximately 22% over the past 30 days, reflecting broader...

    SKN | Rising Bitcoin Exchange Deposits Signal Higher Volatility as Analysts Watch the $53,000 Support Zone

    Bitcoin (BTC) is facing renewed scrutiny after a noticeable increase in exchange...

    SKN | Bitcoin and Ethereum Begin July on Stronger Footing as Market Sentiment Improves

    Bitcoin (BTC) and Ethereum (ETH) opened July with renewed momentum, extending gains...

    Investcoin

    GET A FREE, EXPERT-BACKED
    INVESTMENT COMPARISON TODAY