Experts from Ledger's cybersecurity division have discovered an irrecoverable vulnerability in Android, which could cause investors to lose their cryptocurrencies.
The problem is related to a specific chip manufactured by Taiwan-based MediaTek. This is the Dimensity 7300, also known as MT6878, which is used in many Android smartphones currently on the market, including the recently released Solana Seeker.
This security issue is especially serious because of where it occurs. The vulnerability is located in the boot ROM of the chip, that is, it starts when the smartphone is turned on. Because this code is embedded in the physical chip itself, it cannot be fixed with regular software updates.
From malware that users can accidentally install on their computers to completely remote zero—click exploits that are usually used by government—backed organizations, it is simply impossible to securely store and use private keys on these devices," Ledger experts wrote.
Interestingly, the Taiwanese manufacturer of the problematic chip quickly responded to the statement from Ledger, which is known for its Nano hardware crypto wallets. MediaTek stated that attacks using electromagnetic interference are considered "inappropriate" for the MT6878 chip, since it was designed as a regular consumer product, and not as a "high-security component designed for financial systems or storing confidential information."