Ledger found a security flaw in common Android chip

A team of security researchers discovered an unpatchable security flaw in a common Android chip that could allow attackers to gain complete access to devices, putting crypto users at risk, according to a recent report by Ledger.

The problem exists in a particular chip made by MediaTek, a company based in Taiwan. The chip in question is the Dimensity 7300, also called MT6878, which can be found in numerous Android smartphones currently on the market, including the Solana Seeker.

What makes this security issue particularly serious is where it sits. The weakness is located in the chip’s boot ROM, which is the very first part of the phone that starts up when you turn it on. Because this code is permanently built into the physical chip itself, there is no way to fix it through regular software updates or security patches.

Ledger’s research division, known as the Donjon team, studied how the chip operates. They discovered that by sending carefully timed electromagnetic pulses to the chip right as it boots up, they could trick it into giving them the highest level of access possible. In technical terms, they reached what’s called EL3, which is the most powerful privilege level in ARM chip design.

Ledger warned about the serious implications of this discovery

“From malware that users could be tricked into installing on their machines, to fully remote, zero-click exploits commonly used by government-backed entities, there is simply no way to safely store and use one’s private keys on those devices,” they wrote.

This news arrives during a period when attacks targeting people who own cryptocurrency are becoming more frequent. A study released in July by Chainalysis showed that more than $2.17 billion has already been stolen from crypto services in 2025. That amount exceeds everything that was stolen throughout all of 2024.

Most cryptocurrency thefts happen through online methods like phishing schemes and fraudulent operations, rather than physical attacks. However, the research shows that physical vulnerabilities do exist.

The Donjon researchers found that once they figured out the exact moment to send the electromagnetic pulse, each try took roughly one second. Their success rate ranged from 0.1% to 1% per attempt, which meant they could completely take over a device within just a few minutes when working in laboratory settings.

Ledger, which makes the well-known Nano hardware wallets, stopped short of telling people to completely avoid using wallets on smartphones. However, the findings do point to a new way that both software creators and regular users could be targeted.

A cryptocurrency wallet is a program that holds a person’s public and private keys, allowing them to send, receive, and keep track of their digital money. Hardware wallets, sometimes called “cold wallets,” keep these private keys completely offline on a separate physical device that’s disconnected from the internet, protecting them from attacks that can reach phones or computers.

Software wallets, also known as “hot wallets,” are applications that let people store their digital money on different devices, but this leaves users vulnerable to hacking attempts and phishing operations.

MediaTek says Ledger’s fault-injection test is out of scope

MediaTek had responded to the discovery in a statement that Ledger included in their report. The company said that electromagnetic fault-injection attacks were considered “out of scope” for the MT6878 chip because it was built as a regular consumer product, not as a high-security component meant for financial systems or sensitive information.

“For products with higher hardware security requirements, such as hardware crypto wallets, we believe that they should be designed with appropriate countermeasures against EMFI attacks,” MediaTek stated.

Ledger emphasized that devices using the MT6878 chip will continue to have this vulnerability because the flaw exists in the unchangeable silicon material itself. The company stressed that secure-element chips remain essential for anyone who manages their own cryptocurrency or handles other sensitive security operations, as these specialized components are specifically built to resist both hardware and software attacks.

“Smartphones’ threat model, just like any piece of technology that can be lost or stolen, cannot reasonably exclude hardware attacks,” Ledger wrote. “But the SoCs they use are no more exempt from the effects of fault injection than microcontrollers are, and security should really ultimately rely on Secure Elements, especially for self-custody.”

Want your project in front of crypto’s top minds? Feature it in our next industry report, where data meets impact.