Ledger identifies security issue in chip used in Solana phones
A bug in the chip’s base module makes smartphones vulnerable to attacks that allow access to data and private keys
04.12.2025 - 08:30
290
3 min
0
Key points:
- Ledger has discovered a vulnerability in the chip used in Solana phones and other Android devices: it can be hacked using an electromagnetic attack when the device is booting up.
- The bug is in the factory-flashed boot module, so it cannot be fixed with updates and makes devices permanently vulnerable.
- The attack allows private keys to be extracted and all levels of protection to be bypassed.
Ledger has disclosed a critical vulnerability in the MediaTek Dimensity 7300 (MT6878) chip. It is used in many Android smartphones, including the crypto-focused Solana Seeker model. Researchers have shown that electromagnetic pulses applied at the moment the device is started allow the protection to be bypassed and full control of the smartphone to be gained.
The bug is located in the boot ROM, an area of memory that is factory-flashed. It cannot be fixed with an update, so users remain vulnerable. This leaves users vulnerable even after the problem has been publicly disclosed.
“There is simply no way to safely store and use one’s private keys on those devices,” said Ledger engineers Charles Christen and Léo Benito.
Once they have access to the chip, attackers can extract private keys from software crypto wallets, change system settings, or install malicious code, bypassing any built-in security mechanisms.
Ledger notes that smartphones are devices that can be lost, stolen, or physically opened. Their system chips do not have the same level of protection as hardware wallets, which makes storing private keys on phones inherently dangerous.
North Korean hackers: the complete dossier, description of methods and chronology of cryptocurrency thefts
Over the past few years, North Korea’s cyber units have carried out large-scale operations to infiltrate various structures and steal digital assets
At the same time, the scale of cybercrime continues to grow. According to Chainalysis, since the beginning of 2025, attackers have stolen more than $2,17 billion — already more than in the whole of 2024.
The consequences of vulnerabilities also affect infrastructure projects — after an $8,4 million hack, the decentralized exchange Bunni DEX announced its closure, acknowledging that it did not have the resources to safely restart and transferring development to the community under an open license.
Recently, the GANA Payment project on BNB Smart Chain suffered a serious attack: a hacker changed the contract owner, gained control over staking, and withdrew more than $3,1 million, laundering most of it through Tornado Cash.
Useful material?
Telegram 
Twitter Incidents
Developers warned of potential risks to bridges across the ecosystem and asked exchanges for assistance.
Jun 22, 2026
Incidents
The defendant helped move funds stolen through investment scams and earned at least $4 million for his role in the operation.
Jun 10, 2026
Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Cryptocurrency rates
-
Bitcoin
$62 451
BTC
-3.32%
-
Ethereum
$2 551.16
ETH
+3.56%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.11
XRP
-3.41%
-
TRON
$0.160134
TRX
-1.59%
-
Dogecoin
$0.079433
DOGE
-5.67%
-
Zcash
$424.27
ZEC
-6.95%
-
Stellar XLM
$0.193469
XLM
-9.45%
-
Cardano
$0.153377
ADA
-5.13%
-
Polkadot
$3.32
DOT
+5.27%