Ledger said a recently discovered vulnerability in a widely used Android smartphone processor chip could expose users who rely on software-based web3 wallets to attackers who gain physical access to their devices.
The firm’s Donjon research team showed that hardware fault injection could bypass core security checks and seize full control of the chip. The company stressed that the finding does not affect Ledger hardware wallets but reinforces the dangers of solely relying on smartphone hot wallets for securing digital assets.
In a Wednesday report, the Donjon team detailed how it examined the MediaTek Dimensity 7300 (MT6878) chip, manufactured by TSMC, which appears across many consumer Android models. While software exploits on smartphones have long been a focus of security research, Ledger said physical attacks remain an overlooked risk, particularly given how frequently phones are lost or stolen. The team set out to determine whether electromagnetic fault injection (EMFI) could compromise the earliest stages of the boot process.
Using its open-source tooling, Ledger showed that it could disturb the chip’s boot ROM — the first, highest-privilege code that runs during startup — by injecting well-timed electromagnetic pulses. These disturbances caused the ROM to output a full linear dump of its own memory and working RAM, giving the researchers deep visibility into its operation. The unexpected behavior provided the information needed to identify an attack path.
The researchers then used EMFI to bypass filtering in the chip’s write command and overwrote the return address on the boot ROM’s stack. This allowed them to redirect execution, disable the memory management unit, and ultimately run arbitrary code at EL3 — the processor’s highest privilege level. According to Ledger, although the success rate is only 0.1% to 1%, the device can be rebooted continuously, so the attack can be repeated until it succeeds within minutes.
Ledger said the findings confirm that even the most advanced smartphone chips remain vulnerable to physical attacks, making them unsuitable environments for safeguarding private keys. “This experiment confirmed what we very strongly suspected, namely that even complex chips built on the most advanced process nodes can be vulnerable to fault injection,” the team wrote, reiterating that secure elements remain essential for digital self-custody.
The vulnerability was disclosed to MediaTek in May. Ledger said the vendor was responsive and has notified affected manufacturers. In its assessment, MediaTek said that EMFI attacks are outside the security scope of the MT6878 chipset, which is designed for consumer products rather than financial or hardware-security-module applications, adding that higher-security devices like crypto hardware wallets should include dedicated countermeasures.
Physical attacks on crypto users rise
The report comes amid a noticeable rise in physical attacks on crypto users globally. Earlier Thursday, The Block reported that two suspects were arrested in Vienna following the killing of a 21-year-old Ukrainian man who police say was robbed, assaulted, and left in a burned-out car after being forced to surrender his crypto wallets.
In June, French authorities charged 25 suspects — including teenagers and minors — in connection with a series of “wrench-attack” abductions targeting individuals with substantial crypto holdings. A month later, a Belgian court sentenced three men to 12 years each for their role in a crypto-kidnapping case that culminated in ransom demands tied to a large digital asset portfolio.
© 2025 The Block. All Rights Reserved.