Unity Quietly Fixes Android Exploit Targeting Users’ Crypto Wallets

2025-10-04 05:04:17

The Unity gaming platform is quietly rolling out an update to fix a vulnerability that could capture crypto wallet credentials.

Unity, a game development software company, is quietly rolling out an update to fix a vulnerability in its system. The move comes after its team discovered an exploit in its Android game tool that could compromise users’ crypto wallets.

Unity’s Vulnerability Affecting Crypto Wallets

Cointelegraph, citing sources familiar with the matter, claimed the Unity gaming platform was working to plug the exploit allowing third-party code to run in games operating under the Android system. The issue, which alarmingly dates back to 2017, also affects other operating systems (OS), like Windows, macOS, and Linux, to “varying degrees,” but Android-based games have taken the worst beating.

The anonymous sources said the threat employed “in-process code injection.” According to SentinelOne, an artificial intelligence (AI)-powered enterprise cybersecurity provider, the method allows a code to be injected into the memory space of another ongoing process. The hacker enables the affected process to run arbitrary code in the system by writing their own code into the address space of that process. However, they didn’t confirm whether the vulnerability could completely take over the device running the malicious code. Still, they didn’t dismiss the issue’s potential to intensify into a device-level compromise under specific conditions.

ADVERTISEMENTAdditionally, the sources warned that the malicious code could “attempt overlays, input capture, or screen scraping.” These can capture crypto wallet seed phrases and other personal credentials from owners of affected devices.

Unity has yet to respond to inquiries regarding the subject. Nonetheless, the sources who sought anonymity revealed that the gaming platform has already started launching fixes and a standalone patching tool privately to selected partners. However, they expect the company to provide public guidance on the problem by Monday or Tuesday.

Google’s Official Statement on the Unity Vulnerability Issue

An unnamed spokesperson from Google denied that their Play store contains apps with the vulnerability. Nevertheless, the company representative confirmed the fixes Unity gave to developers.

ADVERTISEMENTThe spokesperson advised developers to update their Unity-based apps immediately, and guaranteed that Google will support the release of their games’ patched version “as quickly as possible.”

How to Avoid the Unity Threat on Crypto Wallets

In light of the problem, the sources advised Android mobile gamers to immediately update all their Unity-based games as soon as the patches are available. Moreover, they discouraged users from sideloading or installing apps from unofficial platforms, including third-party websites or direct transfers.

Furthermore, the sources recommended that users adjust their device permissions accordingly to turn off unessential overlays or accessibility services. Likewise, they suggested that users keep their crypto credentials and apps separate from their gaming devices or accounts.

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.