MediaTek patches bug enabling crypto seed theft in just 45 seconds
Ledger’s white-hat security team said it found a flaw in MediaTek's secure boot chain that can be used to steal sensitive information from certain Android devices.
Mobile phone chipmaker MediaTek patched a vulnerability affecting its chipsets in January that could have allowed an attacker to steal crypto seed phrases on affected devices using just a USB cable and the right software.
The flaw was discovered by Ledger’s white-hat security team, Donjon, who had shared the vulnerability with MediaTek before a patch was rolled out on Jan. 5, though users who have not installed the latest security patches are advised to do so, said Ledger.
According to Ledger, the flaw came from MediaTek’s secure boot chain, a security mechanism built into its chips that ensures a phone starts safely and only with authorized software during startup.
Source: Cointelegraph →Related News
- 2 hours ago
Forensic analysis uncovers draft of $5M deal tied to Milei’s Libra promotion: Re...
- 6 hours ago
Stablecoin uncertainty could hurt banks more than crypto firms: Expert
- 7 hours ago
Altseason is dead, expect shorter cycles and ‘violent’ rotations: Crypto exec
- 9 hours ago
Ethereum Foundation sells $10.2M worth of ETH to BitMine in OTC deal
- 10 hours ago
Bitcoin whales are starting to accumulate again at $71K: Santiment