PANews reported on December 4th that, according to The Block, Ledger has discovered a vulnerability in a widely used Android smartphone processor chip. Users relying on software-based Web3 wallets are at risk if their devices are physically accessed by attackers. Ledger's Donjon team discovered that hardware fault injection can bypass core security checks and gain control of the chip. While this discovery does not affect Ledger's hardware wallet, it highlights the dangers of relying solely on smartphone hot wallets for digital asset security. The team tested MediaTek's Dimensity 7300 chip manufactured by TSMC to determine whether electromagnetic fault injection could disrupt the earliest stages of the boot process. Using open-source tools, they injected timely electromagnetic pulses into the chip's boot ROM to obtain its operational information and identify the attack path. Subsequently, the team bypassed the filtering mechanism in the chip's write commands and overwrote the return address on the boot ROM stack, enabling arbitrary code execution at EL3 (the processor's highest privilege level), and the attack could be repeated within minutes. Ledger stated that even the most advanced smartphone chips are vulnerable to physical attacks and are unsuitable as environments for protecting private keys, reiterating that secure elements are crucial for the self-custody of digital assets. The vulnerability was notified to MediaTek in May, and the supplier has notified affected manufacturers.PANews reported on December 4th that, according to The Block, Ledger has discovered a vulnerability in a widely used Android smartphone processor chip. Users relying on software-based Web3 wallets are at risk if their devices are physically accessed by attackers. Ledger's Donjon team discovered that hardware fault injection can bypass core security checks and gain control of the chip. While this discovery does not affect Ledger's hardware wallet, it highlights the dangers of relying solely on smartphone hot wallets for digital asset security. The team tested MediaTek's Dimensity 7300 chip manufactured by TSMC to determine whether electromagnetic fault injection could disrupt the earliest stages of the boot process. Using open-source tools, they injected timely electromagnetic pulses into the chip's boot ROM to obtain its operational information and identify the attack path. Subsequently, the team bypassed the filtering mechanism in the chip's write commands and overwrote the return address on the boot ROM stack, enabling arbitrary code execution at EL3 (the processor's highest privilege level), and the attack could be repeated within minutes. Ledger stated that even the most advanced smartphone chips are vulnerable to physical attacks and are unsuitable as environments for protecting private keys, reiterating that secure elements are crucial for the self-custody of digital assets. The vulnerability was notified to MediaTek in May, and the supplier has notified affected manufacturers.
Ledger researchers have discovered a vulnerability in an Android chip that exposes mobile Web3 wallets to physical attack risks.
PANews reported on December 4th that, according to The Block, Ledger has discovered a vulnerability in a widely used Android smartphone processor chip. Users relying on software-based Web3 wallets are at risk if their devices are physically accessed by attackers. Ledger's Donjon team discovered that hardware fault injection can bypass core security checks and gain control of the chip. While this discovery does not affect Ledger's hardware wallet, it highlights the dangers of relying solely on smartphone hot wallets for digital asset security.
The team tested MediaTek's Dimensity 7300 chip manufactured by TSMC to determine whether electromagnetic fault injection could disrupt the earliest stages of the boot process. Using open-source tools, they injected timely electromagnetic pulses into the chip's boot ROM to obtain its operational information and identify the attack path. Subsequently, the team bypassed the filtering mechanism in the chip's write commands and overwrote the return address on the boot ROM stack, enabling arbitrary code execution at EL3 (the processor's highest privilege level), and the attack could be repeated within minutes. Ledger stated that even the most advanced smartphone chips are vulnerable to physical attacks and are unsuitable as environments for protecting private keys, reiterating that secure elements are crucial for the self-custody of digital assets. The vulnerability was notified to MediaTek in May, and the supplier has notified affected manufacturers.
Market Opportunity
Helium Mobile Price(MOBILE)
$0,0001839
$0,0001839$0,0001839
USD
Helium Mobile (MOBILE) Live Price Chart
Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
You May Also Like
Franklin Templeton CEO Dismisses 50bps Rate Cut Ahead FOMC
The post Franklin Templeton CEO Dismisses 50bps Rate Cut Ahead FOMC appeared on BitcoinEthereumNews.com. Franklin Templeton CEO Jenny Johnson has weighed in on whether the Federal Reserve should make a 25 basis points (bps) Fed rate cut or 50 bps cut. This comes ahead of the Fed decision today at today’s FOMC meeting, with the market pricing in a 25 bps cut. Bitcoin and the broader crypto market are currently trading flat ahead of the rate cut decision. Franklin Templeton CEO Weighs In On Potential FOMC Decision In a CNBC interview, Jenny Johnson said that she expects the Fed to make a 25 bps cut today instead of a 50 bps cut. She acknowledged the jobs data, which suggested that the labor market is weakening. However, she noted that this data is backward-looking, indicating that it doesn’t show the current state of the economy. She alluded to the wage growth, which she remarked is an indication of a robust labor market. She added that retail sales are up and that consumers are still spending, despite inflation being sticky at 3%, which makes a case for why the FOMC should opt against a 50-basis-point Fed rate cut. In line with this, the Franklin Templeton CEO said that she would go with a 25 bps rate cut if she were Jerome Powell. She remarked that the Fed still has the October and December FOMC meetings to make further cuts if the incoming data warrants it. Johnson also asserted that the data show a robust economy. However, she noted that there can’t be an argument for no Fed rate cut since Powell already signaled at Jackson Hole that they were likely to lower interest rates at this meeting due to concerns over a weakening labor market. Notably, her comment comes as experts argue for both sides on why the Fed should make a 25 bps cut or…
Share
BitcoinEthereumNews2025/09/18 00:36
XRP Treasury Firm Evernorth Prepares Public Listing to Boost Institutional Exposure
Evernorth is working toward a Q1 Nasdaq listing through a SPAC merger, giving XRP exposure to Wall Street investors. Funds raised will be used to back DeFi products
Share
Crypto News Flash2026/01/17 20:01
XRP Treasury Firm Evernorth Prepares Public Listing
The post XRP Treasury Firm Evernorth Prepares Public Listing appeared on BitcoinEthereumNews.com. Kelvin is a crypto journalist/editor with over six years of experience
Share
BitcoinEthereumNews2026/01/17 20:13