Gate News: On March 11, security research team Donjon, a subsidiary of crypto wallet Ledger, discovered a vulnerability in the MediaTek processor secure boot chain. Attackers can physically connect to the phone via USB before the operating system loads to extract encryption keys, decrypt device storage, and obtain the device PIN and encrypted wallet seed phrase within approximately 45 seconds. In a proof-of-concept test, the vulnerability successfully extracted sensitive data from Trust Wallet, a certain exchange wallet, and Phantom wallet applications. Researchers stated that this vulnerability could affect about 25% of Android phones, specifically models using MediaTek chips and Trustonic Trusted Execution Environment. Ledger’s Chief Technology Officer Charles Guillemet said that smartphones were never designed to be vaults. While the vulnerability can be fixed with a patch, it highlights the inherent risks of storing keys on non-secure devices, and users are advised to update security patches as soon as possible.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
North Korean IT Workers Laptop Farm Scam: US Co-Conspirator Sentenced to 7–9 Years, Netting $2.8 Billion Over Two Years
Fortune reported that North Korea used laptop farms inside the United States, generating about $2.8 billion in revenue over two years to support nuclear weapons; annual tribute is $250–600 million. The U.S. citizen suspects Kejia Wang and Zhenxing Wang were each sentenced to 7.5 years and 9 years, respectively, for involvement exceeding 100 companies and 80 cases of identity theft. North Korea operated in the U.S. using U.S. identities and fixed devices, with funds mostly being converted via cryptocurrencies. Experts warn that an accomplice network still exists inside the country, and companies must strengthen identity verification, address tracking, and time zone/IP analysis.
ChainNewsAbmedia2h ago
Hong Kong Police Warn of Surge in Crypto Scams; Two Women Lose $1.24M in Recent Weeks
Gate News message, April 25 — Two Hong Kong women lost a combined HK$9.7 million (US$1.24 million) to crypto scammers over recent weeks, prompting local police to issue a public warning. Hong Kong police reported more than 80 fraud cases in a single week, with total losses exceeding HK$80 million (U
GateNews2h ago
Android Malware Families Target 800+ Banking, Crypto Apps With Near-Zero Detection Rates: Zimperium
Gate News message, April 25 — Cybersecurity firm Zimperium has identified four active malware families—RecruitRat, SaferRat, Astrinox and Massiv—targeting over 800 applications across banking, cryptocurrency and social media sectors. The campaigns employ advanced anti-analysis techniques and
GateNews5h ago
TRADOOR Token Crashes 90% in 30 Minutes Amid Suspected Price Manipulation and Wash Trading
Gate News message, April 25 — TRADOOR token experienced a sharp 90% price crash over 30 minutes at 2:00 AM today, according to on-chain analyst Specter. The token had surged as much as 900% since March 2026 before the sudden collapse, raising suspicions of price manipulation and coordinated
GateNews6h ago
Lending Protocol Purrlend Suffers Attack, Loses $1.52 Million Across MegaETH and HyperEVM
Gate News message, April 25 — Lending protocol Purrlend fell victim to attacks on both the MegaETH and HyperEVM networks today, resulting in losses of approximately $1.52 million.
Attackers extracted roughly $1.2 million in assets from the HyperEVM network, including 449,683 USDC, 214,125
GateNews7h ago
Ben Pasternak Arrested for Assault at NYC Hotel Amid $54M Crypto Fraud Lawsuit Over Believe Token
Gate News message, April 25 — Ben Pasternak, the 26-year-old Australian entrepreneur behind the Solana-based SocialFi platform Believe, was arrested on April 22 and charged with second-degree strangulation and two counts of third-degree assault following an alleged physical altercation with his ex-g
GateNews8h ago
