Solana Saga phones at risk of hacks: CertiK

David Heredia November 11, 2023
Solana Saga phones at risk of hacks: CertiK

Blockchain security firm CertiK flagged a major vulnerability in Solana’s [SOL] Saga smartphones, which allowed hackers to drain users’ crypto assets.

CertiK posted a video on social platform X (formerly Twitter), in which it discussed the details of the hack. Notably, the issue revolved around a bootloader vulnerability. This allowed a user with physical access to the phone to install a backdoor.

In cybersecurity, a backdoor is a method by which users bypass existing security systems to gain high-level access.

Once the device is backdoored, hackers may be able to unlock the bootloader. For the uninitiated, the bootloader is the software that loads the operating system at the start on Android devices.

A screenshot from CertiK’s video showed a warning on the Solana phone. This warning is an indication that the device is hacked.

The video then went on to explain how attackers might steal the phone owner’s crypto assets after gaining unauthorized access. CertiK termed the vulnerability as a:

However, as of this writing, it wasn’t clear whether the highlighted issue impacted just Solana Saga or other Android devices as well.

AMBCrypto dug deeper and discovered that most Android devices come with a locked bootloader. However, a software command or help from the device manufacturer could unlock it. In other cases, they can only be unlocked through a software exploit.

While CertiK’s analysis caused anxiety, a section of users dismissed the findings. An X user with the pseudonym ‘peachmint’ said that bootloader unlocking was a standard feature in many Android devices.

Launched in April, Solana Saga is a Web3-focused Android smartphone, designed to make transacting and managing crypto assets easier. Solana cut the price of the flagship product by 40% earlier, terming it as the:

David Heredia