Ledger Says Smartphones Aren’t Safe for Private Keys After Chip Test

A critical hardware flaw has been discovered in a smartphone chip, potentially exposing crypto holders to complete device takeover and private key theft, according to a new report from Ledger.

In findings published Wednesday, researchers at the hardware wallet maker said they successfully compromised the MediaTek Dimensity 7300, bypassing built-in protections and gaining what they described as “full and absolute control” of an affected handset.

The vulnerability, they warned, allows attackers with physical access to extract sensitive data, including cryptographic keys used to secure digital assets.

Smartphone Chips Exposed by Boot-Phase Attack, Ledger Finds

The chip powers a range of smartphones. Ledger security engineers Charles Christen and Léo Benito said the exploit hinges on electromagnetic fault injection during the chip’s earliest boot phase.

By carefully disrupting that process, the team was able to circumvent memory protections and overwrite security controls inside the system-on-chip.

“The result is total compromise,” the researchers said, adding that once the attack is successful, there is no technical barrier left to prevent access to data stored on the device.

Most importantly for crypto users, the vulnerability cannot be resolved through updates or software patches.

The weakness is embedded in the silicon itself, making it permanent for all devices built on the affected chipset. “Users remain exposed even after disclosure,” the researchers wrote.

While the chance of success in a single attempt is relatively low, estimated between 0.1% and 1%, the attack can be executed repeatedly in quick succession.

Ledger estimates that with enough attempts, compromise can occur in a matter of minutes.

MediaTek told Ledger the issue lies outside the design scope of the Dimensity 7300.

In a statement, the company said the chip was developed for consumer smartphones, not for environments requiring secure enclaves comparable to financial infrastructure or hardware security modules.

“For products handling sensitive cryptographic material, manufacturers should implement specific protections against physical attacks,” MediaTek said.

Ledger disclosed the flaw to MediaTek in early May after beginning tests in February. The chipmaker subsequently notified device vendors believed to be affected.

Solana Mobile to Launch SKR Governance Token in 2026

Solana Mobile plans to launch SKR, a native token tied to its Seeker phone, at the start of 2026, positioning it as the governance token for its mobile ecosystem.

The token will have a total supply of 10 billion, with 30% earmarked for airdrops and 25% set aside for growth and partnerships.

The remaining allocation includes 10% for liquidity, 10% for a community treasury, 15% for Solana Mobile, and 10% for Solana Labs.

The company says SKR is meant to give Seeker owners “actual ownership in the platform” and will feature linear inflation to reward early stakers.

More details are expected to be revealed at Solana Breakpoint Conference from Dec. 11–13.