Gate News: On March 11, security research team Donjon, a subsidiary of crypto wallet Ledger, discovered a vulnerability in the MediaTek processor secure boot chain. Attackers can physically connect to the phone via USB before the operating system loads to extract encryption keys, decrypt device storage, and obtain the device PIN and encrypted wallet seed phrase within approximately 45 seconds. In a proof-of-concept test, the vulnerability successfully extracted sensitive data from Trust Wallet, a certain exchange wallet, and Phantom wallet applications. Researchers stated that this vulnerability could affect about 25% of Android phones, specifically models using MediaTek chips and Trustonic Trusted Execution Environment. Ledger’s Chief Technology Officer Charles Guillemet said that smartphones were never designed to be vaults. While the vulnerability can be fixed with a patch, it highlights the inherent risks of storing keys on non-secure devices, and users are advised to update security patches as soon as possible.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Colombia and U.S. Authorities Dismantle CJNG-Linked Crypto Laundering Network Worth $190M
Gate News message, April 25 — Colombian and U.S. law enforcement agencies have jointly dismantled a transnational cryptocurrency money laundering network linked to Mexico's Jalisco New Generation Cartel (CJNG). The network has transferred over $190 million in illicit funds through crypto channels
GateNews2h ago
France Reports 135 Crypto-Related Kidnapping Cases Since 2023, Including Minors; 75 Detained
Gate News message, April 25 — France's organized crime prosecution office (PNACO) reported that 135 cryptocurrency-related kidnapping or attempted kidnapping cases have been recorded in the country since 2023. Among the 12 cases currently under investigation, 88 individuals have been formally
GateNews3h ago
California Man Sentenced to 70 Months for Money Laundering in $263M Crypto Theft Scheme
Gate News message, April 25 — A 22-year-old man from Newport Beach, California, Evan Tangeman, has been sentenced to 70 months in federal prison and 3 years of supervised release for his role in a multi-state social engineering crime ring that stole over $263 million in cryptocurrency, according to
GateNews5h ago
41 Crypto Kidnappings in France in 3.5 Months; Durov Blames Data Leaks
Gate News message, April 24 — France has experienced 41 kidnappings of cryptocurrency holders in just 3.5 months of 2026, according to Pavel Durov, Telegram founder, who attributed the surge to widespread data leaks. Durov highlighted in an X post that sensitive personal data—including information h
GateNews9h ago
Italian Researcher Wins 1 BTC Bounty for 32,767-Bit Quantum Attack on Elliptic Curve Keys
Gate News message, April 24 — Giancarlo Lelli, an Italian researcher, has been awarded one Bitcoin after demonstrating the largest-scale quantum attack on elliptic curve cryptography to date. The breakthrough escalates concerns about quantum threats to Bitcoin, Ethereum, and other assets secured
GateNews11h ago
Luck.io, Solana's Non-Custodial Casino, Shuts Down; Users Urged to Withdraw Funds Immediately
Gate News message, April 24 — Luck.io, a non-custodial casino platform built on Solana, announced its closure on April 24, 2026, urging all users to withdraw their balances from Smart Vaults immediately. Withdrawals can be initiated through the luck.io website or via the Vault Withdrawal Tool at
GateNews14h ago
