Posted:
- The issue revolved around a bootloader vulnerability.
- It wasn’t clear if the issue impacted just Solana Saga or other Android devices as well.
Blockchain security firm CertiK flagged a major vulnerability in Solana’s [SOL] Saga smartphones, which allowed hackers to drain users’ crypto assets.
Solana Saga, sensitive to hacks?
CertiK posted a video on social platform X (formerly Twitter), in which it discussed the details of the hack. Notably, the issue revolved around a bootloader vulnerability. This allowed a user with physical access to the phone to install a backdoor.
In cybersecurity, a backdoor is a method by which users bypass existing security systems to gain high-level access.
Once the device is backdoored, hackers may be able to unlock the bootloader. For the uninitiated, the bootloader is the software that loads the operating system at the start on Android devices.
A screenshot from CertiK’s video showed a warning on the Solana phone. This warning is an indication that the device is hacked.
The video then went on to explain how attackers might steal the phone owner’s crypto assets after gaining unauthorized access. CertiK termed the vulnerability as a:
“Challenge not just for this device but for the entire industry.”
Accusations were inconclusive
However, as of this writing, it wasn’t clear whether the highlighted issue impacted just Solana Saga or other Android devices as well.
AMBCrypto dug deeper and discovered that most Android devices come with a locked bootloader. However, a software command or help from the device manufacturer could unlock it. In other cases, they can only be unlocked through a software exploit.
Is your portfolio green? Check out the SOL Profit Calculator
While CertiK’s analysis caused anxiety, a section of users dismissed the findings. An X user with the pseudonym ‘peachmint’ said that bootloader unlocking was a standard feature in many Android devices.
I didn’t realize you guys had become Android security experts lol
Any Android phone can do this via bootloader unlock— peachmint (@peachmint00) November 15, 2023
Launched in April, Solana Saga is a Web3-focused Android smartphone, designed to make transacting and managing crypto assets easier. Solana cut the price of the flagship product by 40% earlier, terming it as the:
“Next step to get wider adoption of mobile Web3.”
Source: https://eng.ambcrypto.com/solana-saga-phones-at-risk-of-hacks-certik