Researchers find a MediaTek chip flaw that could impact millions of Android phon

RZ Nitin Ranger

03-13 19:37

Hey Questers ❤️ 




Researchers at a cryptocurrency firm have discovered a serious vulnerability that involves specific Android chipsets produced by MediaTek and targets the trusted execution environment that protects sensitive user data on a smartphone. This potential flaw may expose sensitive information from millions of Android smartphones by providing hackers with physical access to decrypt protected data and extract cryptocurrency private keys with a simple USB connection, even if the device is powered off.

Figure 1, view larger image


Critical security vulnerability found in certain MediaTek devices

A post on X by Ledger's Chief Technology Officer (CTO) Charles Guillemet claims that this particular vulnerability could affect millions of Android devices with MediaTek processors that use Trustonic’s Trusted Execution Environment (TEE). Cryptocurrency firm Ledger Donjon’s security researchers tested the vulnerability on the CMF Phone 1, which is powered by a MediaTek Dimensity 7300 chipset, and were able to breach the smartphone's security and access the information.


Surprisingly, the group was able to access the information within 45 seconds of it being plugged into a computer, while the device was off. They could even access the phone's decrypted storage while also extracting the seed phrases, PIN or passwords, and extract information from popular software cryptocurrency wallets. The attack required only a brief physical connection to a computer and did not involve installing malware through online methods or interacting with the phone’s screen.

Figure 2, view larger image


Industry estimates suggest MediaTek currently powers almost 25% of Android handsets worldwide, meaning the issue could potentially affect a major chunk of smartphone users. The vulnerability has been documented under security case number 2026-20435 in a MediaTek security bulletin, which the company claims has been patched through a security update, released earlier this year. Hence, MediaTek smartphone users are advised to install the latest available security update.




Follow for such more informative threads ➡️ @RZ Nitin

Figure 3, view larger image

Thank you 😊 

Your qool Quester, Ranger : Nitin Mishra ❤️ 

@iQOO Connectcommunity 🥳❤️😍 

@NipunMaryasir 🫡💫❤️

@parakram_hbhai 🫡✨🫂

@woahyashbhai 😍🔥❤️ 



Tech