Observe ZDNET: Add us as a preferred source on Google.
ZDNET’s key takeaways
- Researchers have discovered a flaw in a chip frequent in Android telephones.
- The flaw allows fast entry and theft through a USB twine.
- Cybercrime concentrating on {hardware} safety flaws is on the rise.
A {hardware} safety flaw discovered in lots of Android telephones allowed white hat hackers to achieve entry in beneath a minute, in response to a brand new report. From there, they accessed delicate consumer information, together with messages and crypto pockets seed phrases.
The flaw will be exploited by merely connecting an affected Android machine to a laptop computer through a USB cable, in response to a Wednesday report revealed by Donjon, the analysis division of crypto safety {hardware} firm Ledger. The telephone’s PIN might then be mechanically brute-forced, its storage decrypted, and seed phrases from in style crypto wallets like Kraken Pockets and Phantom extracted.
Additionally: How to enable Advanced Protection on your Android phone – and why it’s critical to do so
“So far as we might inform, this vulnerability has been current for a really very long time — most likely a decade — and but had not thus far been found publicly,” Ledger CTO Charles Guillemet advised ZDNET.
A flaw in practically 25% of Android telephones
The vulnerability is rooted within the {hardware}, stated Donjon, particularly in Trustonic’s trusted execution setting (TEE), a part of a tool’s processor designed to guard towards hacking, and in MediaTek chips. In accordance with one estimate, these chips are utilized in as many as one-quarter of all Android smartphones — principally cheaper variations.
Following what Guillemet describes as “months of intense reverse engineering efforts,” Donjon was capable of hack into the units through a safety flaw within the MediaTek chips’ “boot chain,” the collection of cryptographic steps a tool runs by whereas booting up to make sure that all of its encrypted info is safe from an outdoor assault.
Additionally: Don’t rely on your router’s USB port when these alternatives are less prone to security risks
In about 45 seconds, earlier than the telephone’s working system has even completed absolutely loading, “an attacker can join over USB and extract the basis cryptographic keys that defend Android’s full-disk encryption,” Donjon wrote in a press launch.
“We do not know if the actual vulnerability we found has been utilized by attackers up to now — there isn’t any proof of this,” says Guillemet. “But it surely’s a protected wager that different vulnerabilities with related influence nonetheless exist.”
Tips on how to repair the issue
After being notified of the issue, MediaTek launched a firmware patch that machine producers, akin to Samsung, can embrace in safety updates for his or her telephones.
MediaTek published a safety incident report final week that included all chipsets discovered to be affected by the vulnerability first detected by Donjon. (Case quantity 2026-20435.) If you happen to’re so inclined, you may seek for your telephone on GSMArena or Kimovil to see if it is constructed with one of many affected chipsets.
The only factor you are able to do, although — in your telephone’s safety and your individual peace of thoughts — is to ensure you’re updated in your telephone producer’s safety updates. Since MediaTek has shared the repair with its vendor companions, these producers ought to be together with it in a forthcoming safety replace in the event that they have not already.
A spike in cybercrime
Cybercrime has been on the rise these days, with hackers exploiting a number of entry factors.
On January 31, blockchain safety platform CertiK reported that greater than $370 million in crypto belongings have been stolen in that month alone as a consequence of cybersecurity exploits. Of that complete determine, nevertheless, $284 million was lost in a single social engineering heist. In that incident, a single pockets holder was tricked by a phishing rip-off masquerading as buyer help into handing over their seed phrase.
Additionally: Your Android phone just got a powerful anti-theft upgrade – and I’m sighing in relief
The brand new Donjon report highlights an more and more frequent point-of-entry for cybercriminals: {hardware} safety flaws. Android-targeting malware alone shot up by 67% in 2025 in comparison with the earlier yr, in response to a November 2025 report from IT safety agency Zscaler.
The surging use of AI has additionally been inflicting a spike in safety incidents, together with phishing scams and different assaults, in addition to internal mishaps arising from insufficient, organizationally imposed guardrails.
