Home
News
Details

Ledger Discovers Android OS Vulnerability That Steals Crypto Seed Phrases

iconCoinpedia
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
AI summary iconSummary

expand icon
vulnerability news broke as Ledger’s Donjon team found a flaw in MediaTek chips used in Android phones. Attackers can steal PINs and crypto seed phrases in seconds, even when devices are off. A proof-of-concept test targeted Trust Wallet, Kraken Wallet, and Phantom. Ledger’s CTO said millions of users are at risk. MediaTek fixed the issue, and Trust Wallet added a new security layer. This crypto news highlights ongoing threats to mobile wallet security.
Makina Finance hack
Story Highlights

  • Ledger researchers have discovered an Android OS vulnerability allowing theft of crypto seed phrases in seconds.

  • The unit applied proof-of-concept to prove the above threat is real.

  • The development shows that smartphones do not possess the security shields necessary to act as crypto storage facilities.

Ledger’s Donjon research team has identified security vulnerabilities in MediaTek processors (commonly used on Android phones) that allow malicious actors to steal users’ phone pins and their crypto seed phrases within seconds. The attack is said to occur even when devices are switched off.

The team conducted a proof-of-concept test, where they successfully obtained sensitive information pertaining to several software (a.k.a hot) crypto wallets. Victims included Trust Wallet, Kraken Wallet, and Phantom.

Crypto theft on Android OS

Charles Guillemet, the Chief Technology Officer at Ledger hardware wallet company, noted the development as a “reminder that smartphones aren’t built for security.”

Guillemet added that it could have affected “millions” of Android phones, since they dominate global use due to economic and availability factors.

🚨 @DonjonLedger has struck again discovering a MediaTek vulnerability potentially impacting millions of Android phones. Another reminder that smartphones aren’t built for security. Even when powered off, user data – including pins & seeds – can be extracted in under a minute.

— Charles Guillemet (@P3b7_) March 11, 2026

Following the report, MediaTek took action to fix the bug, while Trust Wallet introduced a new security feature preventing crypto address tampering.

Which method of storage is safe?

Hardware wallets, such as Ledger and Trezor, have gained a reputation for providing better security to cryptocurrencies as compared to software wallets. This is because they utilize chips that are separate from the phone’s main processor.

Still, at 78% global use, hot wallets are the dominant choice among crypto holders due to their cost efficiency and ease of use.

Even then, users of cold storage have fallen victim to crypto theft through social engineering, supply chain tampering, physical device extraction, and blatant recklessness.

A good example of the latter is the South Korean Tax Service, which accidentally posted the seed phrase to a seized crypto hard wallet. An example of brute force or wrench attacks is the recent case of the French couple who were robbed of almost $1 million in Bitcoin.

As for operating systems, iOS users have not been fully spared, with the Coruna vulnerability mining sensitive cryptocurrency information on older iOS versions.

User keys can still be stolen when running a node, so perhaps multisig wallets are one of the most “fireproof” methods of storing cryptocurrencies.

Tags
Crypto news
Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.