A worrying new Android alert has been issued, and now is a good time for all users to check their settings. It’s been confirmed that some devices might be vulnerable to a scary attack that could allow hackers to crack the lock screen password in under 60 seconds. The flaw was discovered by the security team at Donjon, who warned that those affected could have their personal data stolen by cybercriminals.

Researchers have even demonstrated the vulnerability and how easy things are to crack. They simply connected a vulnerable phone to a laptop using a USB cable and were then able to recover the handset PIN, decrypt the storage, and extract data from software wallets.

The whole attack took less than a minute to complete, making it hugely concerning for anyone impacted.

So who is affected and how can it be stopped?

The flaw, tracked as CVE-2026-20435, has been found in certain Android phones with MediaTek processors. It’s thought that around 1 in 4 Android devices use these chips, with more budget-friendly phones being more likely to be impacted.

“The exploit was able to extract the root keys protecting full‑disk encryption before Android fully boots and then decrypt storage,” the security gurus at Malwarebytes confirmed.

“While full‑disk encryption and lock screen are supposed to be your safety net if the phone is stolen or lost, those layers fail on affected devices.”

Now is a good time to check exactly what processor is inside your device. If it’s a MediaTek chip, watch for security updates and install them as soon as possible.

To check your Android processor, go to Settings > About Phone or About Device and look for “Processor” or “Model Name”.

“MediaTek released a firmware patch that device manufacturers can include in security updates for their phones,” Malwarebytes added.

“So all you can do is make sure you’re fully patched with the latest security update from your manufacturer.”

It’s worth noting that hackers need full physical access to the device to crack the password. So as long as your phone is updated and you don’t lose it or have it stolen, you should be safe.

There is some concern that phones which have reached their end of life won’t receive the patch, so anyone who thinks they have a very old smartphone in their pocket should be extra cautious or consider upgrading to something new.