Security Flaw Poses Risk to Crypto Keys on MediaTek Dimensity 7300
Ledger has identified an unpatchable vulnerability in the MediaTek Dimensity 7300 chip, which is used in Solana phones. This flaw poses a significant risk to cryptocurrency keys stored on these devices.
The security flaw raises concerns about the reliability of smartphones for storing cryptocurrency, potentially impacting users who hold assets like SOL and BTC on affected devices.
Ledger’s security team has disclosed an unpatchable flaw within the MediaTek Dimensity 7300 chip that impacts Solana phones. This flaw allows attackers who have physical access to the device to extract sensitive data, including private keys, highlighting the inherent risks for cryptocurrency owners.
Research conducted by Ledger engineers Léo Benito and Charles Christen exposed the vulnerability through electromagnetic fault injection (EMFI) techniques. MediaTek has acknowledged the issue, but it remains unfixable through software updates. This affects the Solana Seeker smartphone range. As Léo Benito, Security Engineer at Ledger, stated, "The success of our research demonstrates that using general-purpose smartphone SoCs for crypto custody poses inherent risks; physical access to the device can lead to full control and data extraction."
Potential Threat to Solana Smartphone Security
Due to this flaw, Solana phones cannot be considered secure for storing cryptocurrency keys. MediaTek has stated that EMFI attacks are beyond the intended security design of their chips, advising the use of components with higher hardware security for critical applications. This recommendation aligns with insights from security research regarding smartphone hardware safety.
While the announcement has not yet led to observable market shifts, Ledger cautions that any cryptocurrency held via affected smartphones is currently at risk.
Ledger has found an unpatchable flaw in the MediaTek Dimensity 7300 chip used in Solana phones. This vulnerability allows for the extraction of private keys with physical access. pic.twitter.com/M7p4b0iV8L
— P3b7 (@P3b7_) June 2, 2024
The disclosure emphasizes the importance of secure elements over general-purpose chips in cryptocurrency environments.
Mass Market Chip Vulnerabilities in Crypto
Comparisons to previous hardware attacks demonstrate that physical access can compromise key privacy. This instance represents a rare vulnerability discovered in a mass market chip that is being used for cryptocurrency purposes, reinforcing the need for specialized security measures.
Ledger discovered an unpatchable vulnerability in the MediaTek Dimensity 7300 chip used in Solana phones, allowing attackers with physical access to extract private keys. This highlights risks for crypto stored on such devices.
— ForkLog (@ForkLog) June 2, 2024
Experts suggest that this flaw underlines a broader industry issue: the reliance on consumer-grade technology for cryptocurrency storage. An increased emphasis on secure elements is expected to emerge, similar to past shifts following the revelation of significant hardware vulnerabilities.