Comply with ZDNET: Add us as a most popular supply on Google.
ZDNET’s key takeaways
- Researchers have discovered a flaw in a chip widespread in Android telephones.
- The flaw allows fast entry and theft by way of a USB twine.
- Cybercrime concentrating on {hardware} safety flaws is on the rise.
A {hardware} safety flaw discovered in lots of Android telephones allowed white hat hackers to realize entry in below a minute, in keeping with a brand new report. From there, they accessed delicate person knowledge, together with messages and crypto pockets seed phrases.
The flaw will be exploited by merely connecting an affected Android gadget to a laptop computer by way of a USB cable, in keeping with a Wednesday report revealed by Donjon, the analysis division of crypto safety {hardware} firm Ledger. The cellphone’s PIN may then be mechanically brute-forced, its storage decrypted, and seed phrases from fashionable crypto wallets like Kraken Pockets and Phantom extracted.
Additionally: Methods to allow Superior Safety in your Android cellphone – and why it’s important to take action
“So far as we may inform, this vulnerability has been current for a really very long time — in all probability a decade — and but had not to date been found publicly,” Ledger CTO Charles Guillemet informed ZDNET.
A flaw in practically 25% of Android telephones
The vulnerability is rooted within the {hardware}, mentioned Donjon, particularly in Trustonic’s trusted execution surroundings (TEE), a part of a tool’s processor designed to guard in opposition to hacking, and in MediaTek chips. In accordance with one estimate, these chips are utilized in as many as one-quarter of all Android smartphones — largely cheaper variations.
Following what Guillemet describes as “months of intense reverse engineering efforts,” Donjon was capable of hack into the units by way of a safety flaw within the MediaTek chips’ “boot chain,” the collection of cryptographic steps a tool runs by whereas booting up to make sure that all of its encrypted data is safe from an outdoor assault.
Additionally: Do not depend on your router’s USB port when these options are much less susceptible to safety dangers
In about 45 seconds, earlier than the cellphone’s working system has even completed absolutely loading, “an attacker can join over USB and extract the basis cryptographic keys that defend Android’s full-disk encryption,” Donjon wrote in a press launch.
“We do not know if the actual vulnerability we found has been utilized by attackers up to now — there isn’t any proof of this,” says Guillemet. “Nevertheless it’s a protected wager that different vulnerabilities with related influence nonetheless exist.”
Methods to repair the issue
After being notified of the issue, MediaTek launched a firmware patch that gadget producers, reminiscent of Samsung, can embody in safety updates for his or her telephones.
MediaTek revealed a safety incident report final week that included all chipsets discovered to be affected by the vulnerability first detected by Donjon. (Case quantity 2026-20435.) When you’re so inclined, you may seek for your cellphone on GSMArena or Kimovil to see if it is constructed with one of many affected chipsets.
The only factor you are able to do, although — on your cellphone’s safety and your individual peace of thoughts — is to ensure you’re updated in your cellphone producer’s safety updates. Since MediaTek has shared the repair with its vendor companions, these producers must be together with it in a forthcoming safety replace in the event that they have not already.
A spike in cybercrime
Cybercrime has been on the rise recently, with hackers exploiting a number of entry factors.
On January 31, blockchain safety platform CertiK reported that greater than $370 million in crypto property have been stolen in that month alone as a consequence of cybersecurity exploits. Of that complete determine, nevertheless, $284 million was misplaced in a single social engineering heist. In that incident, a single pockets holder was tricked by a phishing rip-off masquerading as buyer help into handing over their seed phrase.
Additionally: Your Android cellphone simply acquired a robust anti-theft improve – and I am sighing in aid
The brand new Donjon report highlights an more and more widespread point-of-entry for cybercriminals: {hardware} safety flaws. Android-targeting malware alone shot up by 67% in 2025 in comparison with the earlier 12 months, in keeping with a November 2025 report from IT safety agency Zscaler.
The surging use of AI has additionally been inflicting a spike in safety incidents, together with phishing scams and different assaults, in addition to inner mishaps arising from insufficient, organizationally imposed guardrails.
