Whitehats found a black hole in Solana Seeker’s chip
Security researchers have demonstrated that a popular processor used in Android phones, including the Seeker smartphone released by the developers of the popular Solana (SOL) blockchain, can be compromised, endangering users’ crypto assets.
Experts at the Ledger Donjon, a security research arm of the major hardware wallet manufacturer Ledger, looked into the MediaTek Dimensity 7300 (technical name MT6878) and found that criminals can take over a phone with this processor, not via malware but through the hardware itself.
The researchers used the so-called electromagnetic fault injection (EMFI), which uses precise electromagnetic pulses to disrupt the chip’s logic and bypass its security checks. In this experiment, they used open-source tooling, including the Silicon Toaster & Scaffold board.
"The attack worked!!! EMFI trial-and-error tricked the chip into dumping the entire Boot ROM, our map to the exploit," Charles Guillement, CTO at Ledger, said, adding that the researchers "achieved total control" of the device.
The attack worked!!!
undefined Charles Guillemet (@P3b7_) December 3, 2025
EMFI trial-and-error tricked the chip into dumping the entire Boot ROM - our map to the exploit. 🗺️
Next, by precisely faulting the WRITE command, we were able to overwrite the return address on the stack (a ROP primitive). pic.twitter.com/xRdBieGPwk
According to the CTO, the attack success rate is 0.1%-1%, meaning full compromise is a matter of just a few minutes of trying.
The Ledger Donjon team informed MediaTek about their findings back in May 2025, while the company informed all their affected OEM (original equipment manufacturer) vendors.
MediaTek emphasized that hardware EMFI attacks are out of scope for its MT6878 chipset, as it is designed to be used in consumer products, not for applications such as finance or hardware security modules.
"For products with higher hardware security requirements, such as hardware crypto wallets, we believe that they should be designed with appropriate countermeasures against EMFI attacks," the company said.
Meanwhile, the security researchers reminded that smartphones’ threat model cannot exclude hardware attacks, as devices can be lost or stolen.
"But the SoC [System-on-Chip] they use are no more exempt from the effects of fault injection than microcontrollers are, and security should really ultimately rely on Secure Elements, especially for self-custody," they concluded.
Meanwhile, the Solana Seeker smartphone is advertised as "secure by default," offering an "institutional-grade cold storage hardware wallet for digital assets."
While the developers haven't responded to the findings of the security researchers yet, they're now busy advertising their new token SKR, designed as the "native asset of the Solana Mobile ecosystem."
Unlock more exclusive Cybernews content on YouTube.
