Comply with ZDNET: Add us as a most popular supply on Google.
ZDNET’s key takeaways
- Researchers have discovered a flaw in a chip frequent in Android telephones.
- The flaw permits fast entry and theft through a USB twine.
- Cybercrime concentrating on {hardware} safety flaws is on the rise.
A {hardware} safety flaw discovered in lots of Android telephones allowed white hat hackers to achieve entry in below a minute, in keeping with a brand new report. From there, they accessed delicate person information, together with messages and crypto pockets seed phrases.
The flaw might be exploited by merely connecting an affected Android gadget to a laptop computer through a USB cable, in keeping with a Wednesday report printed by Donjon, the analysis division of crypto safety {hardware} firm Ledger. The telephone’s PIN might then be routinely brute-forced, its storage decrypted, and seed phrases from standard crypto wallets like Kraken Pockets and Phantom extracted.
“So far as we might inform, this vulnerability has been current for a really very long time — in all probability a decade — and but had not up to now been found publicly,” Ledger CTO Charles Guillemet informed ZDNET.
A flaw in almost 25% of Android telephones
The vulnerability is rooted within the {hardware}, mentioned Donjon, particularly in Trustonic’s trusted execution surroundings (TEE), a part of a tool’s processor designed to guard in opposition to hacking, and in MediaTek chips. In line with one estimate, these chips are utilized in as many as one-quarter of all Android smartphones — largely cheaper variations.
Following what Guillemet describes as “months of intense reverse engineering efforts,” Donjon was in a position to hack into the units through a safety flaw within the MediaTek chips’ “boot chain,” the collection of cryptographic steps a tool runs via whereas booting up to make sure that all of its encrypted info is safe from an out of doors assault.
In about 45 seconds, earlier than the telephone’s working system has even completed totally loading, “an attacker can join over USB and extract the basis cryptographic keys that shield Android’s full-disk encryption,” Donjon wrote in a press launch.
“We do not know if the actual vulnerability we found has been utilized by attackers previously — there isn’t any proof of this,” says Guillemet. “But it surely’s a secure wager that different vulnerabilities with related influence nonetheless exist.”
Learn how to repair the issue
After being notified of the issue, MediaTek launched a firmware patch that gadget producers, reminiscent of Samsung, can embrace in safety updates for his or her telephones.
MediaTek printed a safety incident report final week that included all chipsets discovered to be affected by the vulnerability first detected by Donjon. (Case quantity 2026-20435.) For those who’re so inclined, you may seek for your telephone on GSMArena or Kimovil to see if it is constructed with one of many affected chipsets.
The best factor you are able to do, although — to your telephone’s safety and your personal peace of thoughts — is to ensure you’re updated in your telephone producer’s safety updates. Since MediaTek has shared the repair with its vendor companions, these producers needs to be together with it in a forthcoming safety replace in the event that they have not already.
A spike in cybercrime
Cybercrime has been on the rise currently, with hackers exploiting a number of entry factors.
On January 31, blockchain safety platform CertiK reported that greater than $370 million in crypto property had been stolen in that month alone as a consequence of cybersecurity exploits. Of that whole determine, nonetheless, $284 million was misplaced in a single social engineering heist. In that incident, a single pockets holder was tricked by a phishing rip-off masquerading as buyer help into handing over their seed phrase.
The brand new Donjon report highlights an more and more frequent point-of-entry for cybercriminals: {hardware} safety flaws. Android-targeting malware alone shot up by 67% in 2025 in comparison with the earlier yr, in keeping with a November 2025 report from IT safety agency Zscaler.
The surging use of AI has additionally been inflicting a spike in safety incidents, together with phishing scams and different assaults, in addition to inside mishaps arising from insufficient, organizationally imposed guardrails.
