Close Menu
FSNN | Free Speech News NetworkFSNN | Free Speech News Network
  • Home
  • News
    • Politics
    • Legal & Courts
    • Tech & Big Tech
    • Campus & Education
    • Media & Culture
    • Global Free Speech
  • Opinions
    • Debates
  • Video/Live
  • Community
  • Freedom Index
  • About
    • Mission
    • Contact
    • Support
Trending

BoE Chief Denies Farage Influenced CBDC Policy: Report

2 minutes ago

Cuckoo

43 minutes ago

Stablecoins Power $1.1T TradFi Perpetual Trading, Binance Says

1 hour ago
Facebook X (Twitter) Instagram
Facebook X (Twitter) Discord Telegram
FSNN | Free Speech News NetworkFSNN | Free Speech News Network
Market Data Newsletter
Thursday, July 9
  • Home
  • News
    • Politics
    • Legal & Courts
    • Tech & Big Tech
    • Campus & Education
    • Media & Culture
    • Global Free Speech
  • Opinions
    • Debates
  • Video/Live
  • Community
  • Freedom Index
  • About
    • Mission
    • Contact
    • Support
FSNN | Free Speech News NetworkFSNN | Free Speech News Network
Home»Cryptocurrency & Free Speech Finance»Ledger Finds Popular Smartphone Chip Vulnerable to Unpatchable Attacks
Cryptocurrency & Free Speech Finance

Ledger Finds Popular Smartphone Chip Vulnerable to Unpatchable Attacks

News RoomBy News Room7 months agoNo Comments4 Mins Read642 Views
Share Facebook Twitter Pinterest Copy Link LinkedIn Tumblr Email VKontakte Telegram
Ledger Finds Popular Smartphone Chip Vulnerable to Unpatchable Attacks
Share
Facebook Twitter Pinterest Email Copy Link

Listen to the article

0:00
0:00

Key Takeaways

Playback Speed

Select a Voice

In brief

  • Ledger’s Donjon lab gained full control of a Mediatek smartphone chip using electromagnetic faults.
  • The flaw sits in the chip’s boot ROM, which cannot be patched once manufactured.
  • Ledger says the findings reinforce why hardware wallets rely on secure, tamper-resistant chips, although the company did not recommend against using software wallets.

An unpatchable flaw in a widely used smartphone chip developed by Taiwan-based MediaTek allowed researchers to take full control of the device through a precisely timed electromagnetic attack, according to new findings published on Wednesday by crypto wallet provider Ledger.

The vulnerable code sits in the chip’s boot ROM, the earliest stage of the startup process, meaning it cannot be corrected with a software update.

Ledger’s Donjon team examined the MediaTek Dimensity 7300 (MT6878), a 4-nanometer system-on-chip found in many Android phones.

By applying carefully timed electromagnetic pulses during the chip’s initial boot sequence, the researchers were able to bypass memory-access checks and escalate into EL3, the highest privilege level in the ARM architecture.

“From malware that users could be tricked into installing on their machines, to fully remote, zero-click exploits commonly used by government-backed entities, there is simply no way to safely store and use one’s private keys on those devices,” they wrote.

The report comes at a time when attacks targeting cryptocurrency holders are on the rise.

A July report by Chainalysis said over $2.17 billion has been stolen from cryptocurrency services so far in 2025; more than the entirety of 2024.

While physical attacks are growing, the majority of crypto-related thefts are perpetrated by hackers through phishing attacks or scams.

Once they identified the precise timing window, each attempt by the Donjon team took about a second and had a success rate of 0.1%-1%, allowing a full compromise within minutes under lab conditions.

While Ledger is best known for its popular Nano hardware wallets, it did not outright say not to use smartphone-based wallets. The report suggests a new threat vector targeting software developers and users.

Ledger did not immediately respond to requests for comment by Decrypt.

Hardware and software crypto wallets

A cryptocurrency wallet is software that stores a user’s public and private keys and lets them send, receive, and monitor digital assets.

Hardware wallets or “cold wallets” go a step further by keeping those private keys offline on a separate physical device, detached from the internet and shielded from attacks that can reach phones or computers.

Software wallets or “hot wallets” are apps that allow users to store their digital assets on a variety of devices, but leave the user open to hacks and phishing attacks.

MediaTek, in a statement included in Ledger’s report, said electromagnetic fault-injection attacks were “out of scope” for the MT6878 because the chipset was designed as a consumer-grade component rather than as a high-security module for financial or sensitive systems.

“For products with higher hardware security requirements, such as hardware crypto wallets, we believe that they should be designed with appropriate countermeasures against EMFI attacks,” they wrote.

Ledger said devices built on the MT6878 remain exposed because the flaw resides in unchangeable silicon.

Secure-element chips, the company added, remain necessary for users who rely on self-custody or handle other sensitive cryptographic operations, since those components are designed specifically to withstand both hardware and software attacks.

“Smartphones’ threat model, just like any piece of technology that can be lost or stolen, cannot reasonably exclude hardware attacks,” Ledger wrote. “But the SoCs they use are no more exempt from the effects of fault injection than microcontrollers are, and security should really ultimately rely on Secure Elements, especially for self-custody.”

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.

Read the full article here

Fact Checker

Verify the accuracy of this article using AI-powered analysis and real-time sources.

Get Your Fact Check Report

Enter your email to receive detailed fact-checking analysis

5 free reports remaining

Continue with Full Access

You've used your 5 free reports. Sign up for unlimited access!

Already have an account? Sign in here

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Telegram Copy Link
News Room
  • Website
  • Facebook
  • X (Twitter)
  • Instagram
  • LinkedIn

The FSNN News Room is the voice of our in-house journalists, editors, and researchers. We deliver timely, unbiased reporting at the crossroads of finance, cryptocurrency, and global politics, providing clear, fact-driven analysis free from agendas.

Related Articles

Cryptocurrency & Free Speech Finance

BoE Chief Denies Farage Influenced CBDC Policy: Report

2 minutes ago
Media & Culture

Cuckoo

43 minutes ago
Cryptocurrency & Free Speech Finance

Stablecoins Power $1.1T TradFi Perpetual Trading, Binance Says

1 hour ago
Cryptocurrency & Free Speech Finance

The New Grok 4.5 Is Out. Elon Musk Says It Competes With Last Year’s Claude Opus

1 hour ago
Media & Culture

An Indian Billionaire Was Targeted By Trump. Then He Poured Money Into A Startup Secretly Backed by Donald Trump Jr.

2 hours ago
Media & Culture

Can the Supreme Court Still Restrain Executive Power?

2 hours ago
Add A Comment

Comments are closed.

Editors Picks

Cuckoo

43 minutes ago

Stablecoins Power $1.1T TradFi Perpetual Trading, Binance Says

1 hour ago

The New Grok 4.5 Is Out. Elon Musk Says It Competes With Last Year’s Claude Opus

1 hour ago

How does the First Amendment apply to AI regulation in hiring, health care, and legal decisions?

2 hours ago
Latest Posts

An Indian Billionaire Was Targeted By Trump. Then He Poured Money Into A Startup Secretly Backed by Donald Trump Jr.

2 hours ago

Can the Supreme Court Still Restrain Executive Power?

2 hours ago

Bitcoin Falls To Key Support As New Headwinds Emerge

2 hours ago

Subscribe to News

Get the latest news and updates directly to your inbox.

At FSNN – Free Speech News Network, we deliver unfiltered reporting and in-depth analysis on the stories that matter most. From breaking headlines to global perspectives, our mission is to keep you informed, empowered, and connected.

FSNN.net is owned and operated by GlobalBoost Media
, an independent media organization dedicated to advancing transparency, free expression, and factual journalism across the digital landscape.

Facebook X (Twitter) Discord Telegram
Latest News

BoE Chief Denies Farage Influenced CBDC Policy: Report

2 minutes ago

Cuckoo

43 minutes ago

Stablecoins Power $1.1T TradFi Perpetual Trading, Binance Says

1 hour ago

Subscribe to Updates

Get the latest news and updates directly to your inbox.

© 2026 GlobalBoost Media. All Rights Reserved.
  • Privacy Policy
  • Terms of Service
  • Our Authors
  • Contact

Type above and press Enter to search. Press Esc to cancel.

🍪

Cookies

We and our selected partners wish to use cookies to collect information about you for functional purposes and statistical marketing. You may not give us your consent for certain purposes by selecting an option and you can withdraw your consent at any time via the cookie icon.

Cookie Preferences

Manage Cookies

Cookies are small text that can be used by websites to make the user experience more efficient. The law states that we may store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your permission. This site uses various types of cookies. Some cookies are placed by third party services that appear on our pages.

Your permission applies to the following domains:

  • https://fsnn.net
Necessary
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Statistic
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Preferences
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
Marketing
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.