Ledger Says Popular Chip Used In Smartphones Vulnerable To...

Ledger says it was able to gain “full and absolute control” over a smartphone by using electromagnetic pulses to take over its chip.

A chip widely used in smartphones has an unfixable vulnerability that could allow attackers to gain complete control and steal private keys stored on the device, according to crypto wallet maker Ledger.

Ledger said in a report on Wednesday that it tested an attack on the MediaTek Dimensity 7300 (MT6878), and bypassed its security measures to gain “full and absolute control over the smartphone, with no security barrier left standing.”

Ledger security engineers Charles Christen and Léo Benito explained that they took control of the chip using electromagnetic pulses during the chip’s initial boot process.

Crypto wallets often rely on private keys, which some users store on their phones, meaning bad actors can extract private keys from a device to steal from a crypto wallet.

“There is simply no way to safely store and use one’s private keys on those devices,” Christen and Benito said.

The fault injection vulnerability can’t be fixed through a software update or patch, because the issue is coded into the silicon of the smartphone’s system on chip (SOC), meaning “users stay vulnerable even if the vulnerability is disclosed,” according to Christen and Benito.

Ultimately, the attack success rate is low, between 0.1% to 1%, but the duo said the speed at which it can be repeatedly initiated means that eventually an attacker will gain access in “only a matter of a few minutes.”

MediaTek told Ledger that electromagnetic fault injection attacks are “out of scope” for the MT6878 chip.

Related: Cloudflare blames database error for outage that took down 20% of the internet

Source: CoinTelegraph