
New Vulnerability on Google & Samsung Android Phones Exposes 2FA


Researchers have identified Android devices from Google and Samsung as vulnerable to a side-channel attack that could allow attackers to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data pixel-by-pixel, without the user’s knowledge.

The attack has been codenamed Pixnapping by a group of academics from the University of California (Berkeley), University of Washington, University of California (San Diego), and Carnegie Mellon University.

Pixnapping

Pixnapping, at its core, constitutes a pixel-stealing framework that targets Android devices, and it bypasses browser mitigations while siphoning data from non-browser apps like Google Authenticator. Specifically, the researchers exploit Android APIs and a hardware side-channel so that a malicious app can weaponize the technique to capture 2FA codes in under 30 seconds.

“Our key observation is that Android APIs enable an attacker to create an analog to [Paul] Stone-style attacks outside of the browser,” the researchers said in a paper. “Specifically, a malicious app can force victim pixels into the rendering pipeline via Android intents and compute on those victim pixels using a stack of semi-transparent Android activities.”

The study concentrated on five devices from Google and Samsung running Android versions 13 to 16. While the researchers did not confirm whether devices from other original equipment manufacturers (OEMs) suffer from Pixnapping, the underlying mechanisms the attack relies on exist in all devices running the mobile operating system.

What makes the novel attack significant is that any Android app can execute it, even when the application does not request special permissions via its manifest file. However, the attack requires that the victim install and launch the app after the attacker convinces them by some other means.

The side-channel that enables Pixnapping is known as GPU.zip, which some of the same researchers disclosed in September 2023. GPU.zip takes advantage of a compression feature in modern integrated GPUs (iGPUs) to perform cross-origin pixel stealing attacks in the browser using SVG filters.

Figure: Overview of our pixel stealing framework

The Attacks

The latest class of attack combines this technique with Android’s window blur API to leak rendering data and enable theft from victim apps. To accomplish this, a malicious Android app sends victim app pixels into the rendering pipeline and overlays semi-transparent activities using intents — an Android software mechanism that allows navigation between applications and activities.

In other words, an attacker invokes a target app containing information of interest (e.g., 2FA codes) and causes the data to be submitted for rendering. Next, the rogue app installed on the device isolates the coordinates of a target pixel (i.e., ones which contain the 2FA code) and induces a stack of semi-transparent activities to mask, enlarge, and transmit that pixel using the side-channel. The attacker then repeats this step for every pixel pushed to the rendering pipeline.

The researchers said Android is vulnerable to Pixnapping due to a combination of three factors that allow an app to –

  • Send another app’s activities to the Android rendering pipeline (e.g., with intents)
  • Induce graphical operations (e.g., blur) on pixels displayed by another app’s activities
  • Measure the pixel color-dependent side effects of graphical operations

Patches for this Vulnerability

Google is tracking the issue under the CVE identifier CVE-2025-48561 (CVSS score: 5.5). Patches for the vulnerability appeared in the company’s September 2025 Android Security Bulletin, with Google noting that: “An application requesting lots and lots of blurs: (1) enables pixel stealing by measuring how long it takes to perform a blur across windows, [and] (2) probably isn’t very valid anyways.”

However, researchers later discovered a workaround that can re-enable Pixnapping. The company says it is working on a fix.

Furthermore, the study found that this behavior allows an attacker to determine whether an arbitrary app is installed on the device, thereby bypassing restrictions Google introduced in Android 11 that prevent querying the list of all installed apps on a user’s device. Google marked the app-list bypass as “won’t fix,” and it remains unpatched.

“Like browsers at the beginning, the intentionally collaborative and multi-actor design of mobile app layering makes the obvious restrictions unappealing,” the researchers concluded.

“App layering is not going away, and layered apps would be useless with a no-third-party-cookies style of restriction. A realistic response is making the new attacks as unappealing as the old ones: allow sensitive apps to opt out and restrict the attacker’s measurement capabilities so that any proof-of-concept stays just that.”

Source: TheHackerNews
