Critical Security Flaw Discovered in Solana Seeker Smartphone Chip

• Ledger found a critical vulnerability in the MediaTek chip used in Solana Seeker and other smartphones.
• Attackers can gain full device control using electromagnetic pulses during the chip boot process.

Ledger,​‍​‌‍​‍‌​‍​‌‍​‍‌ the maker of hardware wallets, has found an alarming security vulnerability in a processor that is widely used in smartphones. The crypto-focused Solana Seeker is one of the devices that uses the affected processor. The flaw is not fixable by any regular software patch; thus, the users’ digital assets may be the target of theft without their knowledge. The security team has come up with a working scenario in which electromagnetic interference can completely break down the security of the ​‍​‌‍​‍‌​‍​‌‍​‍‌chip.

Unfixable Hardware Weakness Threatens Crypto Storage

On​‍​‌‍​‍‌​‍​‌‍​‍‌ Wednesday, Ledger’s security team announced that the MediaTek Dimensity 7300 processor has a defect that is hardwired into its physical configuration. In their presentation, researchers Charles Christen and Léo Benito demonstrated how they were able to take absolute control of devices equipped with this chipset using pinpointed electromagnetic pulses. The assault mollifies the chip when it is powering up, and thus, the protection systems installed on the device are ​‍​‌‍​‍‌​‍​‌‍​‍‌circumvented.

The​‍​‌‍​‍‌​‍​‌‍​‍‌ vulnerability is especially a weapon against cryptocurrency holders that keep private keys on their smartphones to access digital wallets. In a scenario where attackers manage to access the system, they can simply pick up these most essential authentication credentials and make victims’ cryptocurrency holdings vanish by themselves without any authorization. The engineers at Ledger made it very clear that secure private key storage is no longer possible on the affected devices, even if you have additional security layers in place. 

The flaw is inherent in the silicon itself; thus, traditional patches are of no use, as the vulnerability lies in the hardware’s fundamental design. Users are still in the line of fire even after they have been informed of the security issue because there is no way to completely get rid of the risk. The success rate of individual attack attempts is only between 0.1% and 1%; however, attackers can keep repeating the attempts every second. The fast repetition rate is the reason why a successful compromise occurs within minutes, even though the individual success rates are ​‍​‌‍​‍‌​‍​‌‍​‍‌low.

MediaTek​‍​‌‍​‍‌​‍​‌‍​‍‌ came back with a statement that the MT6878 processor is not a device to be used for financial or high-security applications, such as hardware security modules. The company admits that the chip is not specifically hardened against an injection of an electromagnetic fault but considers such an attack as being far beyond its normal operational parameters. MediaTek advised that devices requiring high security should be equipped with the necessary defensive countermeasures against such complex physical attacks at the design stage. 

After the successful exploit, Ledger informed the vulnerability to MediaTek’s security team in May, thus giving the affected manufacturers the opportunity to ​‍​‌‍​‍‌​‍​‌‍​‍‌respond.

Highlighted Crypto News Today: 

XBO.com Expands Spot Trading With Tokenized Global Stocks