Ledger identifies security issue in chip used in Solana phones
A bug in the chip’s base module makes smartphones vulnerable to attacks that allow access to data and private keys
04.12.2025 - 08:30
279
3 min
0
Key points:
- Ledger has discovered a vulnerability in the chip used in Solana phones and other Android devices: it can be hacked using an electromagnetic attack when the device is booting up.
- The bug is in the factory-flashed boot module, so it cannot be fixed with updates and makes devices permanently vulnerable.
- The attack allows private keys to be extracted and all levels of protection to be bypassed.
Ledger has disclosed a critical vulnerability in the MediaTek Dimensity 7300 (MT6878) chip. It is used in many Android smartphones, including the crypto-focused Solana Seeker model. Researchers have shown that electromagnetic pulses applied at the moment the device is started allow the protection to be bypassed and full control of the smartphone to be gained.
The bug is located in the boot ROM, an area of memory that is factory-flashed. It cannot be fixed with an update, so users remain vulnerable. This leaves users vulnerable even after the problem has been publicly disclosed.
“There is simply no way to safely store and use one’s private keys on those devices,” said Ledger engineers Charles Christen and Léo Benito.
Once they have access to the chip, attackers can extract private keys from software crypto wallets, change system settings, or install malicious code, bypassing any built-in security mechanisms.
Ledger notes that smartphones are devices that can be lost, stolen, or physically opened. Their system chips do not have the same level of protection as hardware wallets, which makes storing private keys on phones inherently dangerous.
North Korean hackers: the complete dossier, description of methods and chronology of cryptocurrency thefts
Over the past few years, North Korea’s cyber units have carried out large-scale operations to infiltrate various structures and steal digital assets
At the same time, the scale of cybercrime continues to grow. According to Chainalysis, since the beginning of 2025, attackers have stolen more than $2,17 billion — already more than in the whole of 2024.
The consequences of vulnerabilities also affect infrastructure projects — after an $8,4 million hack, the decentralized exchange Bunni DEX announced its closure, acknowledging that it did not have the resources to safely restart and transferring development to the community under an open license.
Recently, the GANA Payment project on BNB Smart Chain suffered a serious attack: a hacker changed the contract owner, gained control over staking, and withdrew more than $3,1 million, laundering most of it through Tornado Cash.
Useful material?
Telegram 
Twitter Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Incidents
According to Blockaid, the attack may have been carried out by the same hacker behind the 1inch Fusion V1 exploit.
May 7, 2026
Incidents
The attacker gained administrative access and altered contracts to drain user funds
Apr 30, 2026
Cryptocurrency rates
-
Bitcoin
$62 828
BTC
-0.44%
-
Ethereum
$2 551.16
ETH
+3.56%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.17
XRP
+2.64%
-
TRON
$0.160134
TRX
-1.59%
-
Dogecoin
$0.085904
DOGE
+1.09%
-
Zcash
$477.52
ZEC
+11.79%
-
Stellar XLM
$0.199858
XLM
-0.9%
-
Cardano
$0.169155
ADA
+4.11%
-
Polkadot
$3.32
DOT
+5.27%