- Ledger’s Donjon team exploited an unpatchable flaw in MediaTek’s Dimensity 7300 smartphone chip using electromagnetic fault injection.
- The vulnerability is located in the chip’s boot ROM, which cannot be updated after production.
- The attack allowed privilege escalation to the highest ARM security level within seconds.
- This exposes significant risks for private key storage on smartphones and highlights the importance of secure-element chips in hardware wallets.
- MediaTek considers electromagnetic fault injection attacks out of scope for this consumer-grade chip and recommends specialized countermeasures for high-security devices.
In recent research, Ledger revealed that its Donjon security lab successfully gained full control of a smartphone chip by exploiting a hardware vulnerability in a MediaTek processor. The flaw, found in the boot ROM of the MediaTek Dimensity 7300 (MT6878) system-on-chip, allows an attacker to bypass memory access checks through precisely timed electromagnetic pulses during the chip’s startup. This chip powers many Android devices.
The boot ROM is the earliest code executed during device startup, making this vulnerability unfixable through any software update. The team’s attack elevated privileges to EL3, the highest level in ARM’s architecture, within seconds, though individual attempts had a success rate between 0.1% and 1%.
According to the findings, such hardware exploits demonstrate the difficulty of safely storing private cryptographic keys on smartphones. As Ledger stated, “From Malware that users could be tricked into installing on their machines, to fully remote, zero-click exploits commonly used by government-backed entities, there is simply no way to safely store and use one’s private keys on those devices.” This raises concerns amid increasing crypto-related thefts, with over $2.17 billion stolen from cryptocurrency services in 2025 so far, exceeding 2024’s total, as reported by Chainalysis in July 2025.
The report underscores the value of hardware wallets, which keep private keys offline in secure elements—chips engineered to withstand both hardware and software attacks. In contrast, software or “hot” wallets stored on smartphones remain vulnerable to various forms of Hacking.
MediaTek responded within the report, clarifying that electromagnetic fault injection attacks were “out of scope” for the MT6878 chip, as it is designed for consumer devices and not for high-security environments like financial systems. They emphasized that devices requiring higher security, such as hardware crypto wallets, should integrate appropriate protections against such attacks.
Ledger emphasized that because the flaw resides in permanent silicon, affected devices remain vulnerable. Their research supports using secure-element chips for users managing sensitive cryptographic data or practicing self-custody, highlighting that smartphones’ security cannot exclude hardware attack risks.
For more detailed findings, visit the original Ledger report and related data from Chainalysis.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Nvidia CEO Warns U.S. Lawmakers AI Rules May Slow Progress
- SEC Halts Review of High-Leverage Crypto and Tech ETFs Amid Risks
- Ethereum’s Fusaka Upgrade Cuts Layer 2 Fees, Boosts Data Capacity
- OpenAI Acquires neptune.ai as It Doubles Down on ChatGPT Upgrades
- Microsoft AI Sales Targets Lowered, Stock Dips Amid Market Concerns
