Digital Event Horizon
A new attack called "Pixnapping" has been discovered that can compromise the security of two-factor authentication codes and private messages on Android devices. This attack exploits a vulnerability in the Android operating system that allows hackers to steal sensitive information displayed by other apps without requiring any explicit permissions.
Android users are vulnerable to a new attack called "Pixnapping" that can compromise 2FA codes and private messages. The attack exploits a vulnerability in the Android operating system using timing attacks on graphics data compression. Pixnapping allows hackers to steal sensitive information such as 2FA codes and private messages without explicit permissions. Google has released a patch for CVE-2025-48561, but users should keep their OS up-to-date and use strong passwords and 2FA.
In a concerning development for Android users, a new attack has been discovered that can compromise the security of two-factor authentication (2FA) codes and private messages on Android devices. Dubbed "Pixnapping," this attack exploits a vulnerability in the Android operating system that allows hackers to steal sensitive information displayed by other apps without requiring any explicit permissions.
The attack works by using a timing attack to exploit the graphical data compression capabilities of the device's graphics processing unit (GPU). By rendering an image on top of another app, the hacker can use the GPU's compression algorithm to infer the color of individual pixels on the screen. This allows them to steal sensitive information such as 2FA codes and private messages.
According to the researchers who discovered the vulnerability, Pixnapping is a side-channel attack that takes advantage of the way Android handles graphics rendering. The attack involves three main steps: first, the hacker invokes an Android API call to make another app display specific data; second, they render an image on top of that app using Android's SurfaceFlinger system; and third, they use timing attacks to infer the color of individual pixels on the screen.
The researchers found that by reducing the number of samples per target pixel and decreasing the idle time between pixel leaks, they could recover 2FA codes within a 30-second window. The attack is not limited to Google Authenticator, however: it can also steal sensitive information from other apps that display visual data on the screen.
The discovery of Pixnapping has raised concerns about the security of Android devices and the potential for hackers to exploit this vulnerability to gain unauthorized access to sensitive information. In response to the vulnerability, Google has released a patch for CVE-2025-48561 in the September Android security bulletin, which partially mitigates this behavior.
To improve the security of their devices, users are advised to keep their Android operating system up to date and to use strong passwords and 2FA. Additionally, developers should take steps to prevent Pixnapping by implementing additional security measures such as data encryption and secure storage of sensitive information.
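One way to check the update advice above across a set of devices, as an added example that is not from the original article or from the researchers: a shell function that classifies each device's reported security patch level against the September bulletin. The baseline value 2025-09-01, the function names and the sample inventory are assumptions made for illustration; the status is named "partial-mitigation" because the patch only partially mitigates the behavior.

```shell
#!/bin/sh
# Added example: classify Android security patch levels against the bulletin
# that carries the CVE-2025-48561 patch.
# ASSUMPTION: BASELINE is the first patch level of the September 2025
# bulletin; confirm the exact level in the bulletin before relying on it.
BASELINE="2025-09-01"

# Print one of: pre-patch | partial-mitigation | unknown
# $1 is the patch level string reported by a device, for example from
#   adb shell getprop ro.build.version.security_patch
patch_status() {
    level=$(printf '%s' "$1" | tr -d '\r ')   # adb output may carry a CR
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo "unknown"; return 0 ;;         # empty or malformed value
    esac
    # ISO dates compare correctly as integers once the dashes are removed.
    have=$(printf '%s' "$level" | tr -d '-')
    need=$(printf '%s' "$BASELINE" | tr -d '-')
    if [ "$have" -ge "$need" ]; then
        echo "partial-mitigation"
    else
        echo "pre-patch"
    fi
}

# Read "serial,patch_level" lines on stdin; print "serial status" per device.
audit_inventory() {
    while IFS=, read -r serial level; do
        [ -n "$serial" ] || continue
        printf '%s %s\n' "$serial" "$(patch_status "$level")"
    done
}

# Constructed sample inventory (serials and patch levels are made up).
sample_inventory() {
cat <<'EOF'
DEV-A,2025-08-05
DEV-B,2025-09-01
DEV-C,2025-10-05
DEV-D,
DEV-E,2025-9-1
EOF
}

sample_inventory | audit_inventory
```

Devices reported as "unknown" returned an empty or malformed patch level and need a manual check rather than being counted as patched.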
The discovery of Pixnapping highlights the importance of ongoing research into Android security vulnerabilities and the need for continued collaboration between researchers, developers, and device manufacturers to address these issues.
Published: Wed Oct 15 03:24:33 2025 by llama3.2 3B Q4_K_M