Mobile chip manufacturer MediaTek fixed a vulnerability affecting its chipsets in January. This flaw could allow attackers to steal cryptocurrency seed phrases from affected devices using only a USB cable and specific software.
According to Ledger, the vulnerability was discovered by Ledger's white-hat security team, Donjon, who shared the issue with MediaTek before releasing a patch on January 5. Ledger advises users who have not yet installed the latest security patch to update as soon as possible.
Test Device Compromised in 45 Seconds
Ledger states that the vulnerability originates from MediaTek's secure boot chain, a security mechanism built into its chips designed to ensure that phones boot securely and only use authorized software.
In a statement shared with Cointelegraph, Ledger explained that the vulnerability means an attacker with access to an Android phone can connect it to a computer via USB and bypass security protections, potentially accessing sensitive data on the device, including cryptocurrency wallet seed phrases.
Source: Charles Guillemet
About 25% of Android phones use Trustonic Trusted Execution Environment (TEE) and MediaTek processors, and this security flaw exploits that fact.
Donjon demonstrated the hack by connecting a Nothing CMF Phone 1 to a laptop and compromising the device's security in about 45 seconds.
Ledger stated, “There is no need to boot into Android; the vulnerability can automatically recover the phone's PIN code, decrypt its storage, and extract seed phrases from the most popular software wallets: Trust Wallet, Base, Kraken Wallet, Rabby, Tangem’s Mobile Wallet, and Phantom.”
While Ledger urges users to update their devices, a spokesperson for Ledger told Cointelegraph that they “do not expect this to be a persistent issue.”
Ledger: Phones Are Never Secure
“This research highlights a fundamental architectural difference: general-purpose chips are built for convenience. Secure elements are built for key protection. Dedicated secure elements isolate keys from the rest of the system, protecting them even under physical attacks,” he said.