A critical hardware flaw has been discovered in a smartphone chip used by the Solana Seeker and other devices, potentially exposing crypto holders to complete device takeover and private key theft, according to a new report from Ledger.

In findings published Wednesday, researchers at the hardware wallet maker said they successfully compromised the MediaTek Dimensity 7300, bypassing built-in protections and gaining what they described as “full and absolute control” of an affected handset.

The vulnerability, they warned, allows attackers with physical access to extract sensitive data, including cryptographic keys used to secure digital assets.

Solana Seeker Chip Exposed by Boot-Phase Attack, Ledger Finds

The chip powers a range of smartphones, including the crypto-centric Solana Seeker, which markets itself as a mobile gateway for decentralized applications.

Ledger security engineers Charles Christen and Léo Benito said the exploit hinges on electromagnetic fault injection during the chip’s earliest boot phase.

By carefully disrupting that process, the team was able to circumvent memory protections and overwrite security controls inside the system-on-chip.

“The result is total compromise,” the researchers said, adding that once the attack is successful, there is no technical barrier left to prevent access to data stored on the device.

Most importantly for crypto users, the vulnerability cannot be resolved through updates or software patches.

The weakness is embedded in the silicon itself, making it permanent for all devices built on the affected chipset. “Users remain exposed even after disclosure,” the researchers wrote.

While the chance of success in a single attempt is relatively low, estimated between 0.1% and 1%, the attack can be executed repeatedly in quick succession.

Ledger estimates that with enough attempts, compromise can occur in a matter of minutes.

MediaTek told Ledger the issue lies outside the design scope of the Dimensity 7300.

In a statement, the company said the chip was developed for consumer smartphones, not for environments requiring secure enclaves comparable to financial infrastructure or hardware security modules.

“For products handling sensitive cryptographic material, manufacturers should implement specific protections against physical attacks,” MediaTek said.

Ledger disclosed the flaw to MediaTek in early May after beginning tests in February. The chipmaker subsequently notified device vendors believed to be affected.

Solana Mobile to Launch SKR Governance Token in 2026

Solana Mobile plans to launch SKR, a native token tied to its Seeker phone, at the start of 2026, positioning it as the governance token for its mobile ecosystem.

The token will have a total supply of 10 billion, with 30% earmarked for airdrops and 25% set aside for growth and partnerships.

The remaining allocation includes 10% for liquidity, 10% for a community treasury, 15% for Solana Mobile, and 10% for Solana Labs.

The company says SKR is meant to give Seeker owners “actual ownership in the platform” and will feature linear inflation to reward early stakers.

More details are expected to be revealed at Solana Breakpoint Conference from Dec. 11–13.

The post Solana Seeker’s Core Chip Found to Have Unfixable Security Hole, Ledger Reports appeared first on Cryptonews.

The U.S. Department of Justice (DOJ) has taken down a web domain linked to a major crypto investment scam operating out of Burma, targeting people in the United States.

The site, tickmilleas(dot)com, was allegedly run by operators inside the Tai Chang scam compound, also known as Casino Kosai, in the village of Kyaukhat.

Investigators say the website pretended to be a legitimate trading platform but instead pulled victims into a coordinated and highly deceptive crypto scheme.

Federal Agencies Remove Thousands of Accounts, Apps in Crackdown on Tai Chang Scam Network

An affidavit supporting the seizure links the Tai Chang compound to the Democratic Karen Benevolent Army and the Trans Asia International Holding Group Thailand Company Limited.

The department said both groups were sanctioned last year for ties to Chinese organized crime and their involvement in setting up scam centers across Southeast Asia.

The domain seizure follows the recent launch of the District of Columbia’s Scam Center Strike Force and the takedown of two other domains tied to the same operation.

Victims told the FBI that the tickmilleas(dot)com platform showed fake profits, staged deposits, and other fabricated data meant to make it look like their trades were performing well.

Scammers reportedly walked victims through these fake trades to build trust, even though the entire system was controlled behind the scenes.

Although the domain was only registered in early November 2025, investigators have already identified several victims who lost money within weeks.

The DOJ has since replaced the site with a notice telling visitors the domain has been seized.

The affidavit also says the domain directed people to download scam mobile apps from Google Play and the Apple App Store.

After receiving warnings from the FBI, both companies removed several apps linked to the operation.

Meta also took down more than 2,000 connected accounts after receiving information about the Tai Chang network.

Federal officials say these actions reflect growing concern about crypto-related investment scams, which remain one of the most damaging categories of online crime in the United States.

In 2024, the FBI’s Internet Crime Complaint Center recorded more than 41,000 complaints tied to crypto investment fraud, totaling an estimated $5.8 billion in losses.

DOJ Intensifies Crypto Crime Crackdown With New Charges, Seizures, and Sanctions

The action comes during a period of intense federal activity against crypto-related crime.

On November 20, prosecutors unsealed charges against former Olympic snowboarder Ryan Wedding, accusing him of running a Tether-based laundering network for drug money and allegedly ordering the murder of a federal witness in Colombia earlier this year.

A few days earlier, on November 14, the DOJ announced the sentencing of Travis Ford, the CEO of Wolf Capital Crypto Trading, who received a five-year prison sentence for running a $9.4 million investment scam advertised as offering daily returns of up to two percent.

Federal investigators also moved to seize more than $15 million in USDT connected to North Korea’s APT38 hacking unit, which they say carried out several major crypto exchange breaches in 2023.

The FBI seized the funds in March 2025 and is now asking a court for permission to return the assets to the victims.

In a separate case, prosecutors secured guilty pleas from five people accused of helping North Korean IT workers secretly obtain jobs in U.S. companies.

Other recent enforcement steps include a civil forfeiture case tied to $584,741 in USDT linked to an Iranian national accused of supporting the Islamic Revolutionary Guard Corps’ drone program.

Additionally, in September, the DOJ sanctioned 19 entities in Myanmar and Cambodia for running forced-labor scam compounds used to operate large-scale crypto fraud networks.

The post DOJ Seizes Burma Crypto Scam Domain After Victims Lost Millions in Fake Trading Scheme appeared first on Cryptonews.

A crypto buyer in Trinidad was robbed of roughly $85,800 in cash during an evening ambush at a pharmacy car park, marking the latest in a fast-rising wave of global “wrench attacks” targeting digital-asset holders.

According to a report by Trinidad and Tobago Newsday, the victim, a 52-year-old Arouca resident, drove to a SuperPharm parking lot along Trincity Central Road on November 29 to meet a man he had been trading cryptocurrency with for nearly two years.

$85K Trinidad Heist Joins Over 60 Cases Of Physical Crypto Crimes, Researcher Says

The man, a 33-year-old from Belmont, entered the vehicle as he had done in previous transactions. The buyer then handed him a black bag containing $85,800 in cash intended for a crypto purchase.

Moments later, two armed men wearing hoodies approached both sides of the vehicle and announced a robbery. They smashed their way in, grabbed the cash and the victims’ mobile phones, and escaped in a waiting car.

The victim later reported the incident to the Arouca Police Station. Investigators have not disclosed whether the longtime trading partner was involved or was also targeted.

The robbery occurred on the same weekend police responded to two unrelated vehicle thefts at nearby shopping centers, adding to concerns about rising property crime in the area.

A St. Joseph woman reported her Nissan B14 stolen from the One Woodbrook Place basement car park, while another woman discovered her Suzuki Vitara missing from the Trincity Mall parking lot. Police say investigations into all incidents are ongoing.

Although cash was stolen, security analysts categorize it within a growing class of physical attacks linked to digital-asset activity.

These incidents, informally referred to as “wrench attacks”, involve criminals using violence, coercion, or kidnapping to force victims to hand over wallet credentials, sign transactions, or surrender funds.

Jameson Lopp, co-founder of security firm Casa and one of the few researchers tracking physical crypto crimes, has documented more than 60 such attacks this year, already surpassing last year’s total by more than 30%.

Lopp describes a 169% rise in cases since February, with France currently leading global reports at 14 confirmed incidents.

Physical Crypto Crimes Escalate Worldwide, From Home Invasions to Kidnappings

Notably, the violence attached to these crimes has escalated. Last week, a British Columbia court detailed a 2024 home invasion where a family was tied, tortured, and waterboarded as attackers demanded access to cryptocurrency.

The gang sought 200 BTC before taking $1.6 million in digital assets. One suspect, Tsz Wing Boaz Chan, later pleaded guilty and received a seven-year sentence.

In the United States, authorities are also investigating a violent robbery in San Francisco on November 24, Police have released few details and no arrests have been made.

Similar incidents have been recorded across major cities. An Italian tourist kidnapped in New York was held for more than two weeks while captors attempted to extract his Bitcoin credentials, leading to a case that has since drawn internal scrutiny within the NYPD.

In Chicago, six men were charged earlier this year with kidnapping residents and coercing them to transfer $15 million in crypto, with similar attacks reported worldwide.

France has seen some of the most organized efforts. Prosecutors say criminal groups have used fake delivery uniforms, pre-attack intelligence gathering, and stolen service vans to identify potential targets.

In one high-profile case earlier this year, Ledger co-founder David Balland and his wife were kidnapped for 48 hours; Balland later told investigators his finger was severed during the ordeal.

Analysts say the surge in physical crime coincides with continued strength in crypto markets, which has raised the value of private holdings and drawn criminals toward coercion rather than online hacking.

The post Armed Robbers Steal $85K in Trinidad Crypto Ambush — “Wrench Attacks” Now Strike Weekly appeared first on Cryptonews.