Security researchers at Ledger have discovered a serious flaw in MediaTek chips that affects millions of Android phones. The vulnerability allows attackers to steal crypto wallets in under a minute.
The flaw affects the Dimensity 7300 chip, found in roughly 25% of Android devices, including the Solana Seeker phone. It cannot be fixed with a software update because it exists in the chip’s factory-installed boot ROM.
Ledger’s team demonstrated that an attacker with physical access can use voltage glitches to bypass security checks. Once exploited, the attacker gains the highest privilege level in the processor, giving full access to private keys, PINs, and wallet data.
This exploit happens before the phone even boots. Ledger said it can be executed in about one second, making app-level security useless. Millions of devices are exposed, and no patch will be available for existing phones.
MediaTek was informed of the problem in May 2025 but offered no solution. The company said physical attacks are not its responsibility, a stance that critics argue is insufficient given the financial risk to users.
The vulnerability is particularly concerning because personal wallets now account for 44% of all stolen crypto value, compared with just 7.3% in 2022. Ledger advises users to move funds to hardware wallets for safety.
A software workaround may appear in the March 2026 Android Security Bulletin, but it cannot fully protect vulnerable devices. Mobile-first crypto projects now face a serious challenge, as hardware-level trust is critical for storing digital assets.
For anyone storing real money on an Android wallet, immediate action is recommended: transfer funds to secure hardware wallets to avoid potential loss.
