Microsoft’s cybersecurity team has identified a significant vulnerability within a third-party SDK that poses a threat to millions of Android cryptocurrency wallet users. The flaw was found in EngageLab’s EngageSDK, which is widely used to manage messaging and push notifications, and can potentially expose sensitive data.
Details of the EngageSDK Flaw
The vulnerability resides in the EngageSDK, a tool integrated by developers into Android applications. This SDK is prevalent in cryptocurrency wallet apps, boasting more than 30 million installations. The flaw involves Android intents, which are used for inter-application communication and data sharing.
Microsoft researchers have pinpointed an intent redirection issue, allowing attackers to manipulate intents sent by compromised applications. This manipulation can be exploited by a malicious app on the same device, enabling it to bypass Android’s security measures and access sensitive information such as personal data and financial details.
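The general intent redirection pattern and one way to harden it are sketched below as an added example. This is not EngageSDK's code, which the article does not show; the class name, extra key and allowlisted activity are hypothetical.

```java
import android.app.Activity;
import android.content.ComponentName;
import android.content.Intent;
import android.os.Bundle;
import java.util.Collections;
import java.util.Set;

// Hypothetical exported activity that forwards an Intent supplied by its caller.
public class ForwardingActivity extends Activity {
    private static final String EXTRA_NEXT = "next_intent"; // assumed extra key
    // Assumed allowlist: the only screens a caller may be forwarded to.
    private static final Set<String> ALLOWED =
            Collections.singleton("com.example.wallet.HelpActivity");
    private static final int GRANT_FLAGS = Intent.FLAG_GRANT_READ_URI_PERMISSION
            | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
            | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
            | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        // Untrusted input: any app on the device can set this extra.
        Intent next = getIntent().getParcelableExtra(EXTRA_NEXT);
        // Weak form: calling startActivity(next) here without checks launches
        // the caller's intent with this app's identity and permissions.
        Intent safe = sanitize(next);
        if (safe != null) {
            startActivity(safe);
        }
        finish();
    }

    // Returns a rebuilt intent pinned to an allowlisted component, or null.
    private Intent sanitize(Intent next) {
        if (next == null || (next.getFlags() & GRANT_FLAGS) != 0) {
            return null; // never pass on URI permission grants
        }
        ComponentName target = next.resolveActivity(getPackageManager());
        if (target == null
                || !getPackageName().equals(target.getPackageName())
                || !ALLOWED.contains(target.getClassName())) {
            return null; // unknown or non-allowlisted destination
        }
        // Fresh intent: caller-supplied data, flags and extras are dropped.
        return new Intent().setComponent(target);
    }
}
```

Where forwarding is not needed at all, marking the component as not exported in the manifest removes the entry point entirely.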
Response and Mitigation Efforts
Upon discovering the vulnerability, Microsoft informed EngageLab in April 2025, followed by a notification to the Android Security Team in May due to potential impacts on apps available via Google Play. Although this is a third-party issue, Android’s multi-layered security model offers additional protections against such vulnerabilities.
All affected crypto wallet applications have since been removed from Google Play. Furthermore, Android’s security measures are expected to shield users who have previously downloaded impacted versions. EngageLab addressed the flaw with a patch released in November 2025, updating the SDK to version 5.2.1.
Current Status and Recommendations
Microsoft has publicly shared technical details of the vulnerability to alert developers about the importance of using the latest SDK version. Fortunately, there is no evidence to suggest that this vulnerability has been exploited in practice.
Developers are urged to update their applications promptly to mitigate any potential security risks. Users are encouraged to ensure their apps are up-to-date and to remain vigilant about app permissions and sources.
The discovery underscores the importance of regular security assessments and updates in protecting digital assets, particularly in the financial technology sector.
