Pixnapping Attack
2 days ago
- #Side Channel Attack
- #Android Security
- #Pixnapping
- Pixnapping is a new attack class allowing malicious Android apps to leak information from other apps or websites.
- Exploits Android APIs and a hardware side channel affecting nearly all modern Android devices.
- Demonstrated attacks on Google and Samsung phones, recovering sensitive data from Gmail, Signal, Google Authenticator, etc.
- Can steal 2FA codes from Google Authenticator in under 30 seconds without user detection.
- Affects devices running Android versions 13 to 16, including Google Pixel 6-9 and Samsung Galaxy S25.
- No permissions required for the malicious app to execute the attack.
- Only visible information (e.g., chat messages, 2FA codes) can be stolen; hidden data remains secure.
- Attack involves three steps: invoking the target app, inducing graphical operations, and using a side channel to leak pixels.
- Google attempted a patch, but a workaround exists; GPU vendors have not committed to fixing the GPU.zip side channel.
- Tracked under CVE-2025-48561; no known mitigation strategies are available.