Security Vulnerability in Popular Smartphone Chip Exposed by Ledger
A recent report by Ledger, a renowned crypto wallet manufacturer, has revealed a significant security vulnerability in a widely used smartphone chip, the MediaTek Dimensity 7300 (MT6878). This chip is utilized in various smartphones, including the crypto-focused Solana Seeker. According to Ledger’s security engineers, Charles Christen and Léo Benito, the vulnerability can be exploited to gain complete control over the device, allowing attackers to steal private keys stored on the device.
The vulnerability was discovered by Christen and Benito, who used electromagnetic pulses to circumvent the chip’s security measures during its initial boot process. This attack method, known as electromagnetic fault injection (EMFI), can be used to extract private keys from a device, potentially leading to significant financial losses for cryptocurrency users. 
Unfixable Vulnerability Puts Users at Risk
The fault injection vulnerability cannot be fixed through a software update or patch, as it is encoded in the chip of the smartphone’s system-on-chip (SOC). This means that users remain vulnerable even if the vulnerability is disclosed. Christen and Benito stated, “There is simply no way to securely store and use the private keys on these devices.” The attack’s success rate is relatively low, between 0.1% and 1%, but the speed at which it can be initiated repeatedly means an attacker will eventually gain access “in just a few minutes.”
Chipmaker’s Response
MediaTek has responded to the findings, stating that electromagnetic fault injection attacks are “out of scope” for the MT6878 chip. The company claims that the chip is designed for use in consumer products, not for applications such as finance or hardware security modules (HSMs), and is not specifically hardened against physical EMFI hardware attacks. MediaTek recommends that products with higher hardware security requirements, such as hardware crypto wallets, should be equipped with appropriate countermeasures against EMFI attacks.
Christen and Benito began working on the experiment in February and successfully exploited the chip’s vulnerability in the first days of May. They reported the problem to MediaTek’s security team, which informed all affected providers. Cointelegraph has reached out to MediaTek for further comment. For more information on this story, visit Cointelegraph.
