A critical security vulnerability in MediaTek chips, affecting approximately 25% of Android devices, allows attackers with physical access to extract sensitive data, including crypto wallet seed phrases and PINs, in under a minute. Discovered by Ledger’s security team (Donjon) and initially reported to MediaTek in May 2025, the flaw resides in the boot ROM and bypasses Android’s security measures even before the operating system loads. Exploitation involves manipulating voltage during startup via a USB connection. While MediaTek released a patch in January 2026, users must install the latest security updates to be protected. Affected wallets include Trust Wallet, Kraken Wallet, and Phantom. Separately, the Bonk.fun platform suffered a domain hijacking resulting in a wallet drainer, causing significant losses for some users. In contrast, Mastercard launched a Crypto Partner Program with over 85 industry players, signaling growing integration of digital assets into traditional finance. XRP ETFs have also seen substantial inflows, with Goldman Sachs leading institutional holdings. These events highlight the ongoing security challenges and increasing institutional interest in the crypto space.
Source Articles
This article is based on analysis of 7 source articles from our news database.
