Slashdot
Follow
Android 'Pixnapping' Attack Can Capture App Data Like 2FA Codes
Security researchers have revived a 12-year-old data-stealing attack, called Pixnapping, targeting Android devices. This attack allows a malicious app to essentially "screenshot" and steal information displayed in other apps or websites. Pixnapping can target sensitive data from apps like Google Maps, Signal, and Venmo, and websites such as Gmail. It can even steal Two-Factor Authentication (2FA) codes generated by Google Authenticator. The attack works by analyzing pixel colors and measuring rendering times to determine the content displayed. The malicious app opens target apps, selects pixel coordinates, and triggers graphical operations with varying rendering times. By measuring render times, the app can discern the color of specific pixels, effectively reconstructing the displayed information. The researchers have demonstrated the attack on several devices running Android versions 13 to 16, including Google Pixel and Samsung Galaxy models. Importantly, a malicious app using Pixnapping doesn't need any special permissions to operate, making it a stealthy threat. The attack leverages a vulnerability inherent in the Android system that is not yet fully mitigated. The researchers detailed their findings in a paper called "Pixnapping: Bringing Pixel Stealing out of the Stone Age".