A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing them to derive the content.
The content may include sensitive private data like chat messages from secure communication apps like Signal, emails on Gmail, or two-factor authentication codes from Google Authenticator.
The attack, devised and demonstrated by a team of seven researchers from American universities, works on fully patched modern Android devices and can steal 2FA codes in less than 30 seconds.
Google attempted to fix the problem (CVE-2025-48561) in the September Android update. However, the researchers were able to bypass that mitigation, and an effective fix is expected in the December 2025 Android security update.
How Pixnapping works
The attack starts with a malicious app abusing Android’s intents system to launch the target app or webpage, so its window is submitted to the system’s composition process (SurfaceFlinger), which is responsible for combining multiple windows when they are visible at the same time.
In the next step, the malicious app maps the target pixels (for instance, the pixels forming a digit of a 2FA code) and determines, through multiple graphical operations, whether each one is white or non-white.
Isolating each pixel is possible by opening what the researchers call a 'masking activity', which sits in the foreground, hiding the target app. Then the attacker makes the cover window "all opaque white pixels except for the pixel at the attacker-chosen location which is set to be transparent."
During the Pixnapping attack, the isolated pixels are enlarged, leveraging a "quirk" in the way SurfaceFlinger implements blur that produces a stretch-like effect.
Blurred 1x1 sub-region stretched into a larger colored patch