Ledger discovered a vulnerability in the Solana Seeker smartphone chip

Ledger, a company known for its secure cryptocurrency storage solutions, has identified a critical vulnerability in the MediaTek Dimensity 7300 chip used in popular smartphones, including the Solana Seeker, a device aimed at cryptocurrency users. This vulnerability allows attackers to gain "complete and absolute control" of the device using electromagnetic pulses.

Vulnerability Details

Ledger security engineers Charles Christen and Leo Benito demonstrated an attack on the MT6878 chip, bypassing all of its security mechanisms. By using electromagnetic pulses during the chip's boot process, they were able to breach the security system beyond repair. This poses serious risks to users, especially those who store their private keys on mobile devices.

Electromagnetic Attack Device

Crypto Wallet Threat

The vulnerability poses a serious threat to cryptocurrency users, as attackers can extract private keys and access victims' crypto wallets. "It is simply impossible to securely store and use private keys on such devices," stated Kristen and Benito.

The problem lies in the chip's architecture itself. The vulnerability cannot be fixed with software updates or patches, as it is embedded in the silicon of the system-on-a-chip. This means that users remain unprotected even after the threat is publicly disclosed.

Low Probability, but Real Danger

While the attack's success rate is only 0.1-1%, the researchers emphasize that accelerating the retries makes hacking inevitable. The attack can be repeated every second, repeatedly rebooting the device and attempting to introduce a glitch. "We can attempt to introduce a glitch approximately every second, repeatedly booting the device and attempting to create a glitch. If a glitch doesn't occur, we simply power on the system-on-chip and repeat the process," the researchers explained.

With this approach, access can be gained in just a few minutes, making this vulnerability particularly dangerous for users.

Manufacturer Response and Recommendations

Currently, manufacturers, including MediaTek and smartphone developers, have not provided an official response to this threat. However, experts recommend that users of MediaTek Dimensity 7300-based devices consider storing their private keys in more secure environments, such as hardware wallets, which are not susceptible to such attacks.

Amid growing security threats in the cryptocurrency space, users should be especially vigilant and take all possible measures to protect their assets.