The Popular Solana Crypto Phones Could Be Vulnerable To Hacks, Ledger Says

Smartphone security is now facing new pressure after researchers at Ledger published a report on a hardware flaw that attackers cannot patch or repair. 

The work shows how a chip used in many Android phones can be taken over through electromagnetic pulses if they are applied at the earliest stage of the phone’s boot process. 

This gives attackers full control of the device and access to anything stored on it.

How Ledger Discovered the Chip Flaw

Ledger’s research team looked closely at the MediaTek Dimensity 7300 chip, also known as the MT6878. 

Many Android devices, including certain Solana-oriented phones, use this chip. According to reports, the team began testing it earlier this year and they focused on what happens during the chip’s first moments of activity, when all security checks should be strongest.

Engineers Charles Christen and Léo Benito carried out the tests and pushed electromagnetic pulses into the chip as it started. These pulses disrupted the normal checks inside the boot sequence. 

By doing that, the chip allowed the researchers access to the highest privilege level in the system, known as EL3.

This level controls everything, and once the researchers reached it, they gained full control of the device. There were no protections left to stop them from reading sensitive data or changing vital functions.

Why the Flaw Cannot Be Patched

The weakness lives inside the chip’s boot ROM. This is the part that handles the very first operations when the device powers on. 

Boot ROM sits deep in the silicon itself, and manufacturers write it at the time of production. This means that they cannot change it afterwards.

Because the code that controls the earliest checks is fixed forever, no software update can remove the flaw. 

Even if every vendor released new patches tomorrow, the silicon would still behave the same way. This is why Ledger describes the issue as permanent for every device using this chip.

How the Attack Works

The electromagnetic attack depends on timing. The researchers had to fire pulses at precise points while the chip booted. At first glance, this sounds like a defence. However, it turned out to be easy to automate.

Each attempt took about one second, and the success rate sat between 0.1% and 1%. That might sound low, but repeating the attempt over and over took only a few minutes. Once one attempt succeeded, the entire device became fully exposed.

Under these lab conditions, the attack moved fast. It did not require special equipment beyond tools for controlled electromagnetic pulses. The method also did not need the user to click anything or install software.

MediaTek’s Response

MediaTek said the attack method was outside the design goals for the MT6878. The company explained that the chip was built for consumer products. It was not meant to protect financial data or serve as a hardware security module.

MediaTek added that products requiring hardened defences should rely on components that are designed for that purpose. Hardware wallets fall into that category because they use elements that resist any kind of tampering.

Ledger informed MediaTek about the flaw in May. The company then notified vendors using the chip in their devices.

Related Reading: Upbit Uncovers Wallet Bug During $30M Crypto Heist Investigation

What This Means for Smartphone Security

Phones today store a lot of sensitive data. Many people keep authentication apps, passwords, financial information and digital assets on them. 

When a weakness exists at the hardware level, none of that data is safe on affected devices.

Christen and Benito stressed that the flaw breaks the idea that a phone can hold private keys safely. The researchers did not recommend abandoning software wallets entirely. 

However, they did show why hardware wallets will continue to be important for self-custody.

Ledger noted that phones cannot rule out physical attacks because anyone can lose or misplace them. When hardware is lost, an attacker with the right tools could try this method. 

Thus, the repeated-attack nature of the flaw makes the threat a very serious one.