Researchers have unveiled a novel Android side-channel attack dubbed Pixnapping, which allows a malicious app to “snatch” on-screen data from other applications without holding any special permission. In proof-of-concept tests, the technique extracted sensitive content such as two-factor authentication (2FA) codes, private messages and financial data by measuring subtle differences in how long individual pixels take to render.
The attack has been demonstrated on modern devices from Google and Samsung, including the Pixel 6 through Pixel 9 and the Galaxy S25. Apps targeted in the experiments included Google Authenticator, Gmail, Signal, Venmo and Google Maps. In one test, the researchers recovered 2FA codes from Google Authenticator in under 30 seconds. Because a 2FA code is typically valid for only about 30 seconds, the speed of extraction is what makes the flaw severe: a code that can be read only after it expires is worthless to an attacker.
“It is as if any app could take a screenshot of other apps or websites without permission — a fundamental violation of Android’s security model.”
How Pixnapping Exploits Android’s Rendering Pipeline and GPU Side Channels to Expose Secrets
Pixnapping combines Android’s graphics APIs with a hardware-level side channel. The malicious app fires an intent that launches the target application, then pushes a stack of its own semi-transparent activities on top of it. The time the GPU takes to render those layers depends on the color of the pixel beneath them, so by timing the rendering the attacker can infer individual pixel values of the underlying app’s display.
The timing artifact comes from the way GPU hardware processes graphical data, specifically the GPU.zip graphics data-compression side channel identified in 2023, which Pixnapping turns into a pixel leak on Android. By sampling selected pixels at known screen coordinates and repeating the measurement, the attacker reconstructs sensitive visual content such as 2FA codes, account numbers or confidential messages that are displayed only briefly.
The researchers found that browsers and non-browser apps alike, including Google Maps, Signal and Gmail, are exposed, because the leak happens in the rendering layer beneath every app rather than in any one app’s code. The attacker needs neither the overlay (SYSTEM_ALERT_WINDOW) permission nor accessibility access; the method simply times the rendering of known pixel positions and looks for the delays that reveal their colors.
The vulnerability has been catalogued as CVE-2025-48561. Google shipped a partial patch for affected Pixel devices, but the researchers have shown that a bypass of that patch still works, leaving many Android units exposed. Samsung has acknowledged the risk but has not fully addressed it, and devices from other manufacturers may remain unpatched.
Severity, Scope and Devices Impacted According to Research Findings
In controlled evaluations, the researchers extracted 2FA codes on several Pixel devices with success rates between 29 percent and 73 percent, depending on the model. On the Samsung Galaxy S25 they were unable to reliably capture codes within the code’s validity window, which points to hardware-dependent variability.
Factors that determine success include how predictably the code is positioned in the app’s UI, the device’s GPU architecture, and the timing precision the attacker’s overlay code can achieve. Because Android devices broadly expose the same graphics APIs and use similar rendering pipelines, the set of potentially vulnerable models is extensive.
The researchers disclosed the flaw to Google and Samsung in early 2025. Google issued a patch in September 2025, but it remains partial; the team later demonstrated a bypass. At present, no universal mitigation is confirmed for all devices or manufacturers. No confirmed in-the-wild exploitation has been publicly reported, though the exploit’s low-permission design makes undetected deployment plausible.
Mitigation, Detection and Defensive Advice for Android Users and Developers
Users should install Android updates as soon as they are available, particularly the security patches that address CVE-2025-48561 on Pixel devices. Owners of devices from other vendors should likewise keep firmware and security updates current, though the availability of a fix depends on the manufacturer issuing one.
Developers can reduce exposure by keeping secrets on-screen only as long as necessary (revealing a code on demand and hiding it after a short timeout), by varying the position or rendering of sensitive UI elements so that an attacker cannot sample fixed coordinates across repeated reveals, and by avoiding the display of high-value secrets altogether where a non-visual alternative exists. Screenshot blocking (FLAG_SECURE) does not close this channel, because the pixels are still composited to the display. Detecting the attack from inside the victim app is harder: the attacker’s windows are ordinary activities and the timing measurements happen on the attacker’s side, so the practical option is to refuse to show critical content whenever the activity is not the topmost, fully visible window.
From a user perspective: avoid installing apps from unknown sources, scrutinize app permissions, and where possible prefer 2FA methods that do not display a code on screen. Hardware-based authenticators such as FIDO security keys remain resistant to screen-based side-channel attacks because no secret is ever rendered.
Security teams and forensic analysts are encouraged to log unusual overlay or intent-based interactions and to watch for apps that spawn stacks of semi-transparent windows. Unexpected or rapid overlay activity during security-sensitive UI states, such as a login or the display of a 2FA code, should be flagged for review.
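The following is an added example written for this page; it is not code from the Pixnapping researchers, Google or any of the apps named above. It shows the developer-side mitigation described earlier (reveal a code only on demand, hide it after a short timeout, jitter its position between reveals, and mask it as soon as the activity is no longer the topmost resumed window) as an Android Activity in Kotlin. The layout resources (R.layout.activity_code, R.id.code, R.id.reveal), the placeholder currentCode() source and the 5 second visibility limit are assumptions; the masking in onPause() relies on the standard Android lifecycle, in which an activity covered by another app’s translucent activities is paused but keeps drawing.

```kotlin
// Added example, not from the Pixnapping paper or any named app.
// Layout ids and the code source are assumptions for illustration.
import android.os.Bundle
import android.os.Handler
import android.os.Looper
import android.view.MotionEvent
import android.widget.Button
import android.widget.TextView
import androidx.appcompat.app.AppCompatActivity
import kotlin.random.Random

class CodeRevealActivity : AppCompatActivity() {

    private lateinit var codeView: TextView
    private val mainHandler = Handler(Looper.getMainLooper())
    private val hideRunnable = Runnable { hideCode() }

    // Placeholder: a real app would derive this from its TOTP secret.
    private fun currentCode(): String = "123456"

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        setContentView(R.layout.activity_code)
        codeView = findViewById(R.id.code)
        hideCode()

        // Press-and-hold reveal: the code is visible only while the finger is down.
        val reveal = findViewById<Button>(R.id.reveal)
        reveal.setOnTouchListener { v, event ->
            when (event.actionMasked) {
                MotionEvent.ACTION_DOWN -> { revealCode(); true }
                MotionEvent.ACTION_UP, MotionEvent.ACTION_CANCEL -> {
                    v.performClick()
                    hideCode()
                    true
                }
                else -> false
            }
        }
    }

    // When another app's translucent activities are stacked on top, this activity
    // is paused (not stopped) and keeps rendering, so the secret is masked here,
    // the moment the activity stops being the topmost resumed window.
    override fun onPause() {
        hideCode()
        super.onPause()
    }

    private fun revealCode() {
        // Jitter the digits by up to +/- JITTER_PX on each axis per reveal so they
        // do not sit at fixed coordinates an attacker can sample across attempts.
        codeView.translationX = Random.nextInt(-JITTER_PX, JITTER_PX + 1).toFloat()
        codeView.translationY = Random.nextInt(-JITTER_PX, JITTER_PX + 1).toFloat()
        codeView.text = currentCode()
        // Hard upper bound on how long the code can stay on screen.
        mainHandler.removeCallbacks(hideRunnable)
        mainHandler.postDelayed(hideRunnable, MAX_VISIBLE_MS)
    }

    private fun hideCode() {
        mainHandler.removeCallbacks(hideRunnable)
        codeView.text = MASK
    }

    override fun onDestroy() {
        mainHandler.removeCallbacks(hideRunnable)
        super.onDestroy()
    }

    private companion object {
        const val MASK = "••••••"
        const val MAX_VISIBLE_MS = 5_000L
        const val JITTER_PX = 24
    }
}
```

The three measures attack different parts of the attacker’s budget: the timeout and press-and-hold shrink the window in which the pixels exist at all, the jitter forces the attacker to scan a larger area per attempt, and the onPause() masking removes the secret from the framebuffer as soon as anything is layered above the activity. None of them is a substitute for the platform fix; they raise the cost of the 30 second race the article describes.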
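The following is an added example written for this page, not a tool from the researchers or any vendor: a detection heuristic of the kind the advice above calls for, run over a constructed telemetry feed. It flags a package that launches a sensitive app by intent and then adds several translucent windows within a short interval. The WindowEvent schema, the thresholds (three translucent windows within two seconds) and the sample records are assumptions; only the victim package names (Google Authenticator and Signal) are real.

```kotlin
// Added example, not from the Pixnapping researchers or any vendor product.
// The event schema, thresholds and sample records below are constructed.

enum class Kind { INTENT_LAUNCH, WINDOW_ADDED }

data class WindowEvent(
    val tsMs: Long,                   // event time, ms since boot (hypothetical feed)
    val pkg: String,                  // package that performed the action
    val kind: Kind,                   // what happened
    val target: String? = null,       // INTENT_LAUNCH: package that was launched
    val translucent: Boolean = false  // WINDOW_ADDED: window has alpha < 1 or a blur
)

data class Alert(val pkg: String, val target: String, val translucentWindows: Int, val windowMs: Long)

/**
 * Flag any package that launches one of [sensitive] and, within [windowMs] of that
 * launch, adds at least [minTranslucent] translucent windows of its own. A launcher
 * opening an app normally adds no translucent windows afterwards, which keeps the
 * rule quiet on benign traffic.
 */
fun detectPixnappingPattern(
    events: List<WindowEvent>,
    sensitive: Set<String>,
    minTranslucent: Int = 3,
    windowMs: Long = 2_000,
): List<Alert> {
    val sorted = events.sortedBy { it.tsMs }
    val alerts = mutableListOf<Alert>()
    for ((i, e) in sorted.withIndex()) {
        if (e.kind != Kind.INTENT_LAUNCH) continue
        val target = e.target ?: continue
        if (target !in sensitive) continue
        val deadline = e.tsMs + windowMs
        // Count translucent windows the *same* package adds before the deadline.
        val stacked = sorted.subList(i + 1, sorted.size)
            .takeWhile { it.tsMs <= deadline }
            .count { it.pkg == e.pkg && it.kind == Kind.WINDOW_ADDED && it.translucent }
        if (stacked >= minTranslucent) {
            alerts += Alert(e.pkg, target, stacked, windowMs)
        }
    }
    return alerts
}

fun main() {
    val sensitive = setOf(
        "com.google.android.apps.authenticator2",  // Google Authenticator
        "org.thoughtcrime.securesms",              // Signal
    )
    // Constructed sample: a launcher opening Signal, which adds one ordinary window,
    // then a hypothetical app opening Authenticator and stacking five translucent windows.
    val sample = listOf(
        WindowEvent(1_000, "com.android.launcher3", Kind.INTENT_LAUNCH, target = "org.thoughtcrime.securesms"),
        WindowEvent(1_200, "org.thoughtcrime.securesms", Kind.WINDOW_ADDED),
        WindowEvent(5_000, "com.example.wallpaper", Kind.INTENT_LAUNCH, target = "com.google.android.apps.authenticator2"),
        WindowEvent(5_150, "com.example.wallpaper", Kind.WINDOW_ADDED, translucent = true),
        WindowEvent(5_180, "com.example.wallpaper", Kind.WINDOW_ADDED, translucent = true),
        WindowEvent(5_210, "com.example.wallpaper", Kind.WINDOW_ADDED, translucent = true),
        WindowEvent(5_240, "com.example.wallpaper", Kind.WINDOW_ADDED, translucent = true),
        WindowEvent(5_270, "com.example.wallpaper", Kind.WINDOW_ADDED, translucent = true),
    )
    for (a in detectPixnappingPattern(sample, sensitive)) {
        println("ALERT: ${a.pkg} launched ${a.target} then added ${a.translucentWindows} translucent windows within ${a.windowMs} ms")
    }
}
```

The rule keys on the sequence the article describes (intent launch of a victim, then a stack of the attacker’s own semi-transparent windows) rather than on any permission, because the attack uses none. Tune the thresholds against a baseline of benign launcher and share-sheet traffic before alerting on them, and treat a hit as a lead for review rather than proof of exploitation.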
Broader Implications for Mobile Security and Side-Channel Threats
Pixnapping extends the class of pixel-stealing attacks, previously demonstrated against browsers, into the mobile domain, circumventing controls such as permission gating and screenshot blocking. Unlike attacks that need accessibility access or elevated privileges, Pixnapping operates with only the permissions any app receives at install time, which makes conventional defenses less effective.
Because it exploits hardware rendering behaviour rather than a bug in any one app, mitigation has to come from the OS (for example, restricting how an app can blur or stack windows over other apps) or from GPU drivers. The vulnerability is a reminder that even passive observability channels, such as rendering timing, can betray sensitive content.
As the Android ecosystem continues to fragment across manufacturers, some devices may never receive robust mitigations. That makes it more urgent for app developers and platform architects to anticipate new side channels and to design UI flows that minimize the window of exposure for secrets such as 2FA codes.
Researchers plan to release Pixnapping’s source code once safe mitigation mechanisms are confirmed. Meanwhile, the community is collaborating with vendors and security teams to develop robust countermeasures and detection heuristics for this emerging class of threat.