Microsoft has published the details of an Android-native security vulnerability that exposed 30 million crypto wallet credentials to malicious actors.
The company’s Defender Security Research Team first identified the issue in April 2025 during a routine security research.
The attack begins with the user installing malicious apps designed to bypass the Android sandbox. The latter is a security system that isolates phone apps, preventing them from “seeing” each other’s data. The app then sends a message to a vulnerable Software Development Kit (SDK), specifically version 4.5.4. An SDK is a fundamental component of every phone application, with most applications requiring several SDKs to run properly.
This corrupts all other apps that receive the message, tricking them into giving up read and write privileges for personal information within them, including crypto wallet seed phrases and addresses. This susceptibility is akin to leaving the windows open in what should be a top-security building.
Known as an “intent redirection,” the attack compromised over 50 million apps, including 30 million crypto wallets.
That said, Microsoft promptly teamed up with Google and the Android Security Team in May 2025. This led EngageLab to release the patched version – SDK 5.2.1.
The team now encourages users to swiftly update their apps and verify them using Google Play Protect. They also encourage downloading apps from the Play Store rather than as APK files from websites, since the former are subject to stricter security checks.
Even more, users who have not made any updates since mid-2025 are encouraged to move any funds they may have in their crypto wallets to new wallets with fresh seed phrases.
The report is the latest regarding crypto-related Android flaws, with another involving Android chips flagged early last month.
Nonetheless, there is greater hope for industry security with the recently announced collaboration between the US Treasury and crypto firms to share cybersecurity information.
CoinPedia has been delivering accurate and timely cryptocurrency and blockchain updates since 2017. All content is created by our expert panel of analysts and journalists, following strict Editorial Guidelines based on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness). Every article is fact-checked against reputable sources to ensure accuracy, transparency, and reliability. Our review policy guarantees unbiased evaluations when recommending exchanges, platforms, or tools. We strive to provide timely updates about everything crypto & blockchain, right from startups to industry majors.
All opinions and insights shared represent the author's own views on current market conditions. Please do your own research before making investment decisions. Neither the writer nor the publication assumes responsibility for your financial choices.
Sponsored content and affiliate links may appear on our site. Advertisements are marked clearly, and our editorial content remains entirely independent from our ad partners.
The upcoming SpaceX IPO is generating significant excitement across both traditional markets and crypto. While…
PYTH price finally showed signs of life, climbing more than 16% after a major product…
XRP traded at $1.10 on Wednesday, down 0.44% over 24 hours, as the token continued…
Strategy chairman Michael Saylor has once again questioned Ethereum’s long-term position in the crypto market.…
The Velvet rally isn't slowing down, and traders may have found a reason why. After…
When Anthony Ralphs joined Ripple in its early days, the company was a small team…
