
Android devices from Google and Samsung have been found to be vulnerable to side-channel attacks that can be exploited to secretly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data pixel by pixel without the user’s knowledge.
The attack was codenamed “Pixnapping” by a group of academics from the University of California (Berkeley), the University of Washington, the University of California (San Diego), and Carnegie Mellon University.
At its core, Pixnapping is a pixel-stealing framework aimed at Android devices. It bypasses browser mitigations and leverages Android APIs together with a hardware side channel to siphon data from non-browser apps such as Google Authenticator, allowing a malicious app to capture 2FA codes within 30 seconds.
“Our key observation is that the Android API allows attackers to create something similar,” the researchers wrote in their paper. “Specifically, a malicious app could force a victim pixel into the rendering pipeline via an Android intent and use a translucent stack of Android activities to calculate the victim pixel.”
While the research focused specifically on five devices from Google and Samsung running Android versions 13 through 16, and it is not clear whether Android devices from other original equipment manufacturers (OEMs) are susceptible to Pixnapping, the basic building blocks needed to carry out the attack are present on all devices running mobile operating systems.

What makes this attack significant is that it can be carried out by an Android app that requests no special permissions in its manifest file. It does, however, depend on the victim first being persuaded to install and launch the malicious app by some other means.
The side channel that enables Pixnapping is GPU.zip, which some of the same researchers disclosed in September 2023. That attack leverages the compression used by modern integrated GPUs (iGPUs) to perform cross-origin pixel theft inside the browser using an SVG filter.
Figure: Pixel-stealing framework overview
The new attack class combines this side channel with Android’s window-blur API to leak rendering data and steal pixels from the victim app. To do so, a malicious Android app forces the victim app’s pixels into the rendering pipeline and overlays them with translucent activities using intents, the Android mechanism for navigating between applications and activities.
In other words, the malicious app launches the target app on a screen that shows the information of interest (such as a 2FA code), causing that content to be rendered. The malicious app then isolates the coordinates of the target pixel (for example, a pixel within the 2FA code) and uses a stack of translucent activities to mask, magnify, and leak that pixel’s color through the side channel. This step is repeated for every pixel pushed into the rendering pipeline.

According to the researchers, Android is vulnerable to Pixnapping because of three capabilities available to any app: (1) it can send another app’s activity to the Android rendering pipeline (for example, using an intent); (2) it can induce a graphical operation (for example, a blur) on the pixels displayed by that other app’s activity; and (3) it can measure side effects of the graphical operation that depend on the pixels’ colors.
Google is tracking the issue as CVE-2025-48561 (CVSS score: 5.5). The company shipped a patch as part of its September 2025 Android Security Bulletin, stating: “An application requests too many blurs: (1) it enables pixel theft by measuring the time it takes to perform the blur across the window; and (2) in any case, it is probably not very valid.”

However, the researchers have since found a workaround that re-enables Pixnapping despite the patch. Google is said to be working on a further fix.
The research also found that the same behavior lets an attacker determine whether particular apps are installed on a user’s device, bypassing a restriction introduced in Android 11 that prevents apps from querying the full list of installed apps. This app-list bypass remains unpatched, and Google has marked it as “won’t fix.”
The researchers concluded, “Like the original browser, mobile app layering is an intentionally collaborative, multi-actor design that makes obvious limitations unattractive.”
“App layering is here to stay, and third-party cookie-free style restrictions won’t help layered apps. A practical response is to make new attacks as unattractive as old ones: opt out of sensitive apps, limit attackers’ ability to measure, and ensure proofs of concept remain intact.”