ChainThink report, March 11: The Donjon security research team under crypto wallet provider Ledger has discovered a vulnerability in the secure boot chain of MediaTek processors. Attackers with physical access to a smartphone can extract encryption keys via USB connection before the operating system loads, decrypt device storage, and retrieve the device PIN and encrypted wallet mnemonic within approximately 45 seconds. Proof-of-concept tests successfully extracted sensitive data from wallet applications including Trust Wallet, Kraken Wallet, and Phantom.

Researchers indicate the vulnerability may affect around 25% of Android devices, specifically those equipped with MediaTek chipsets and Trustonic Trusted Execution Environment (TEE). Ledger's Chief Technology Officer Charles Guillemet stated that smartphones were never designed as vaults, and although this vulnerability can be patched, it underscores the inherent risk of storing cryptographic keys on non-secure devices, urging users to promptly apply available security patches.