Ledger's security team has identified a critical vulnerability in Android smartphones using MediaTek chips that allows attackers with physical device access to steal cryptocurrency wallet seed phrases in approximately 45 seconds via USB connection.
The exploit, demonstrated during research, successfully extracted private key data from three major wallet applications: Trust Wallet, Kraken Wallet, and Phantom. The vulnerability leverages low-level access to MediaTek processors, enabling attackers to bypass standard Android security protections and recover seed phrases that grant complete control over cryptocurrency holdings.
The discovery underscores a critical intersection between hardware vulnerabilities and cryptocurrency security. While the attack requires physical access to a device, the 45-second extraction window presents a material risk for users in theft-prone environments or those subjected to device seizure. The vulnerability affects a significant portion of Android devices globally, given MediaTek's market share in budget and mid-range smartphones commonly used in emerging markets with growing cryptocurrency adoption.
The disclosure comes as the cryptocurrency industry faces mounting pressure to address security gaps across wallet infrastructure. Users of affected devices are advised to implement additional security measures, while wallet developers and device manufacturers face pressure to develop mitigations for the underlying hardware flaw.