Unity gaming platform is addressing a vulnerability allowing third-party code to run in Android-based mobile games, potentially targeting mobile crypto wallets. The fix affects projects dating back to 2017, impacting Android, Windows, macOS, and Linux systems. Unity is distributing fixes privately to partners, with public guidance expected next week.

A Google spokesperson confirmed awareness of the vulnerability and advised developers to update their apps immediately. Unity, a leading platform for game creators, powers over 70% of the top thousand mobile games. The company is rolling out a patch to address the security issue.

The threat is described as an “in-process code injection,” potentially leading to device-level compromise on Android. Malicious code could attempt overlays, input capture, or screen scraping to target personal credentials or crypto wallet seed phrases. Mobile gamers are urged to update Unity-based games and avoid sideloading apps.

To protect against potential attacks, users should update Unity-based games, avoid sideloading apps, and disable unnecessary overlays or accessibility services while gaming. Risk segregation, keeping crypto wallets separate from gaming devices or accounts, is recommended. Stay tuned for further updates on this developing story.

Read more at Cointelegraph: Unity Flaw Threatens Android Games, Crypto Wallets At Risk