Android gadgets from Google and Samsung have been discovered weak to a side-channel assault that might be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and different delicate information with out the customers’ data pixel-by-pixel.
The assault has been codenamed Pixnapping by a bunch of lecturers from the College of California (Berkeley), College of Washington, College of California (San Diego), and Carnegie Mellon College.
Pixnapping, at its core, is a pixel-stealing framework geared toward Android gadgets in a fashion that bypasses browser mitigations and even siphons information from non-browser apps like Google Authenticator by benefiting from Android APIs and a {hardware} side-channel, permitting a malicious app to weaponize the method to seize 2FA codes in underneath 30 seconds.
“Our key remark is that Android APIs allow an attacker to create an analog to [Paul] Stone-style assaults outdoors of the browser,” the researchers stated in a paper. “Particularly, a malicious app can drive sufferer pixels into the rendering pipeline through Android intents and compute on these sufferer pixels utilizing a stack of semi-transparent Android actions.”
The examine particularly centered on 5 gadgets from Google and Samsung operating Android variations 13 to 16, and whereas it isn’t clear if Android gadgets from different unique tools producers (OEMs) are prone to Pixnapping, the underlying methodology needed to drag off the assault is current in all gadgets operating the cell working system.
What makes the novel assault important is that any Android app can be utilized to execute it, even when the appliance doesn’t have any particular permissions connected through its manifest file. Nevertheless, the assault presupposes that the sufferer has been satisfied by another means to put in and launch the app.
The side-channel that makes Pixnapping potential is GPU.zip, which was disclosed by a few of the identical researchers again in September 2023. The assault basically takes benefit of a compression characteristic in trendy built-in GPUs (iGPUs) to carry out cross-origin pixel stealing assaults within the browser utilizing SVG filters.
 |
| Overview of our pixel stealing framework |
The newest class of assault combines this with Android’s window blur API to leak rendering information and allow theft from sufferer apps. With a view to accomplish this, a malicious Android app is used to ship sufferer app pixels into the rendering pipeline and overlay semi-transparent actions utilizing intents – an Android software program mechanism that enables for navigation between functions and actions.
In different phrases, the concept is to invoke a goal app containing info of curiosity (e.g., 2FA codes) and trigger the information to be submitted for rendering, following which the rogue app put in the gadget isolates the coordinates of a goal pixel (i.e., ones which comprise the 2FA code) and induces a stack of semi-transparent actions to masks, enlarge, and transmit that pixel utilizing the side-channel. This step is then repeated for each pixel pushed to the rendering pipeline.
The researchers stated Android is weak to Pixnapping on account of a mix of three components that permit an app to –
- Ship one other app’s actions to the Android rendering pipeline (e.g., with intents)
- Induce graphical operations (e.g., blur) on pixels displayed by one other app’s actions
- Measure the pixel color-dependent negative effects of graphical operations
Google is monitoring the difficulty underneath the CVE identifier CVE-2025-48561 (CVSS rating: 5.5). Patches for the vulnerability have been issued by the tech big as a part of its September 2025 Android Safety Bulletin, with Google noting that: “An software requesting heaps and plenty of blurs: (1) allows pixel stealing by measuring how lengthy it takes to carry out a blur throughout home windows, [and] (2) most likely is not very legitimate anyhow.”
Nevertheless, it has since come to mild that there exists a workaround that can be utilized to re-enable Pixnapping. The corporate is claimed to be engaged on a repair.
Moreover, the examine discovered that as a consequence of this conduct, it is potential for an attacker to find out if an arbitrary app is put in on the gadget, bypassing restrictions applied since Android 11 that forestall querying the record of all put in apps on a person’s gadget. The app record bypass stays unpatched, with Google marking it as “will not repair.”
“Like browsers originally, the deliberately collaborative and multi-actor design of cell app layering makes the apparent restrictions unappealing,” the researchers concluded.
“App layering shouldn’t be going away, and layered apps could be ineffective with a no-third-party-cookies type of restriction. A sensible response is making the brand new assaults as unappealing because the outdated ones: permit delicate apps to choose out and limit the attacker’s measurement capabilities in order that any proof-of-concept stays simply that.”
