tldr; A vulnerability in Android smartphones with MediaTek processors could allow attackers to extract encrypted user data, including crypto wallet seed phrases, in under a minute via USB. Ledger’s Donjon team demonstrated the flaw on the Nothing CMF Phone 1, bypassing security to decrypt storage and access sensitive data. The exploit targets the secure boot chain, affecting potentially millions of devices. MediaTek has disclosed the issue, but the extent of affected devices remains unclear. The incident highlights the security trade-offs of general-purpose chips versus dedicated secure elements.
*This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.
1 Comment
tldr; A vulnerability in Android smartphones with MediaTek processors could allow attackers to extract encrypted user data, including crypto wallet seed phrases, in under a minute via USB. Ledger’s Donjon team demonstrated the flaw on the Nothing CMF Phone 1, bypassing security to decrypt storage and access sensitive data. The exploit targets the secure boot chain, affecting potentially millions of devices. MediaTek has disclosed the issue, but the extent of affected devices remains unclear. The incident highlights the security trade-offs of general-purpose chips versus dedicated secure elements.
*This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.