Pixnapping: New Android Side-Channel Steals 2FA Codes Pixel-by-Pixel

What Pixnapping does

A team of U.S. university researchers has disclosed Pixnapping, a novel side-channel attack that allows a malicious Android app with no special permissions to steal the actual pixels other apps draw on screen, reconstruct those pixels, and recover sensitive content — including two-factor authentication (2FA) codes, chat messages, emails and even crypto seed phrases. The attack works on fully patched modern Android phones and can recover a 2FA code in under 30 seconds in optimized scenarios.

How the attack works — pixel isolation, blur stretching, and GPU side channels

Pixnapping chains several graphics and OS behaviors together:

• The malicious app uses Android intents to launch or bring a target app/window into the composition pipeline so the target’s pixels are present in SurfaceFlinger (the system compositor).
• It then displays a carefully crafted foreground masking activity that is opaque white except for one tiny transparent pixel at an attacker-chosen location. By repeatedly changing that transparent pixel and performing GPU operations, the attacker can test whether the underlying pixel is white or non-white.
• The exploit leverages a quirk in SurfaceFlinger’s blur/stretch behavior to enlarge the sampled pixel so it produces measurable side effects. Combined with optimizations, the researchers recover characters by stitching many sampled pixels together and applying OCR-style recognition.
• Crucially, Pixnapping reuses the GPU.zip style-channel technique (which abuses GPU data-compression/processing artifacts) to leak visual information from the graphics pipeline.

Blurred 1×1 sub-region stretched into a larger colored patch
Source: pixnapping.com

Affected devices and success rates

Researchers demonstrated Pixnapping on a range of mainstream devices — Google Pixel 6/7/8/9 and Samsung Galaxy S25 — across Android 13–16, and concluded the core mechanisms making the attack viable exist on many Android implementations, so older devices may also be vulnerable. While the raw pixel leakage rate is modest (roughly 0.6–2.1 pixels/second), engineering improvements let the team extract short numeric 2FA codes in under 30 seconds.

Discover your weakest link. Be proactive, not reactive. Cybercriminals need just one flaw to strike.

Timeline: patch attempts and ongoing work

Google shipped a mitigation in the September 2025 Android security bulletin addressing the underlying information-disclosure behavior (CVE-2025-48561), but researchers produced an updated bypass that forced Google to prepare a more comprehensive fix slated for the December 2025 Android security update. Google and Samsung have committed to follow-up fixes; however, GPU vendors have not announced independent patches for the GPU-side compression channel used by GPU.zip/Pixnapping.

Real-world risk and scope

The research team scanned nearly 100,000 Play Store apps and found hundreds of thousands of invocable intent actions, implying Pixnapping’s attack surface is broad because many apps (and webpages) can be launched via intents. That said, the exploit requires tailored tuning for a target device, so while successful demonstrations are impactful, opportunistic mass exploitation is harder — and researchers reported no confirmed Play Store apps using Pixnapping at the time of disclosure. Nonetheless, the ubiquity of exposed vectors and over-the-air distribution of apps makes rapid weaponization a realistic concern. 

Examples of what can be stolen (research measurements)

The paper and accompanying tests include long-running recovery estimates for large visual regions; examples reported by the researchers include:

• Google Maps timeline entries — large pixel regions (tens of thousands of pixels) — full recovery unoptimized would take many hours.
• Venmo account-balance panels — thousands of pixels, multi-hour recovery without optimization. 
• SMS / Messages and Signal chats — larger chat windows measured in tens of thousands of pixels; Signal chat recovery worked even with Signal’s Screen Security enabled (but larger areas take longer). For targeted short strings like 2FA codes, optimized attacks are fast (<30s). 

What vendors have said

Google acknowledged the vulnerability class in its September bulletin and issued a first mitigation; after researchers demonstrated a bypass the company told the public it will deliver a more complete mitigant in the December Android security update. Samsung has publicly committed to fixes for affected devices. No GPU vendor has publicly committed to a hardware/firmware mitigation specific to GPU.zip-style compression leakage. 

Are u a security researcher? Or a company that writes articles about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing? If you want to express your idea in an article contact us here for a quote: [email protected]

Source: bleepingcomputer.com

Source Link