The post Is Your Crypto Safe? Microsoft Discloses Android Vulnerability Exposing 30M Wallets appeared first on Coinpedia Fintech News Microsoft has published theThe post Is Your Crypto Safe? Microsoft Discloses Android Vulnerability Exposing 30M Wallets appeared first on Coinpedia Fintech News Microsoft has published the

Is Your Crypto Safe? Microsoft Discloses Android Vulnerability Exposing 30M Wallets

Author: CoinPedia

Source: CoinPedia

2026/04/11 07:26

2 min read

For feedback or concerns regarding this content, please contact us at crypto.news@mexc.com

The post Is Your Crypto Safe? Microsoft Discloses Android Vulnerability Exposing 30M Wallets appeared first on Coinpedia Fintech News

Microsoft has published the details of an Android-native security vulnerability that exposed 30 million crypto wallet credentials to malicious actors.

The company’s Defender Security Research Team first identified the issue in April 2025 during a routine security research.

Microsoft details Android flaw affecting crypto wallets

The attack begins with the user installing malicious apps designed to bypass the Android sandbox. The latter is a security system that isolates phone apps, preventing them from “seeing” each other’s data. The app then sends a message to a vulnerable Software Development Kit (SDK), specifically version 4.5.4. An SDK is a fundamental component of every phone application, with most applications requiring several SDKs to run properly.

This corrupts all other apps that receive the message, tricking them into giving up read and write privileges for personal information within them, including crypto wallet seed phrases and addresses. This susceptibility is akin to leaving the windows open in what should be a top-security building.

How to protect your crypto wallet

Known as an “intent redirection,” the attack compromised over 50 million apps, including 30 million crypto wallets.

That said, Microsoft promptly teamed up with Google and the Android Security Team in May 2025. This led EngageLab to release the patched version – SDK 5.2.1.

The team now encourages users to swiftly update their apps and verify them using Google Play Protect. They also encourage downloading apps from the Play Store rather than as APK files from websites, since the former are subject to stricter security checks.

Even more, users who have not made any updates since mid-2025 are encouraged to move any funds they may have in their crypto wallets to new wallets with fresh seed phrases.

The report is the latest regarding crypto-related Android flaws, with another involving Android chips flagged early last month.

Nonetheless, there is greater hope for industry security with the recently announced collaboration between the US Treasury and crypto firms to share cybersecurity information.

Get 20 USDT in Just 1 Minute

Deposit $100 to unlock $300 in GOLD positions

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact crypto.news@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.