Donjon, a member of Ledger's security research team, has disclosed a critical vulnerability in the MediaTek processor secure boot chain, allowing attackers to extract device PIN codes and crypto wallet seed phrases in about 45 seconds by physically contacting the device and using a USB connection. Proof-of-concept testing revealed that the vulnerability could gain access to sensitive data from applications such as Trust Wallet, Kraken Wallet, and Phantom. The risk is expected to affect approximately 25% of Android phones worldwide, involving devices with MediaTek chips and Trustonic's trusted execution environment. Ledger currently recommends that users install the latest security patches released by the manufacturer in a timely manner. （The Block）