• Source:JND

Security researchers have uncovered a stealthy new attack called Pixnapping that can quietly capture what’s on your phone screen — from two-factor authentication (2FA) codes and private messages to Google Maps locations — without showing any obvious signs to the user.

The attack doesn’t rely on malware taking screenshots or camera access. Instead, it works by exploiting the way Android draws pixels on the screen, turning normal system functions into a subtle data leak.

How Pixnapping Works

Pixnapping is a mix of software manipulation and hardware timing tricks. A malicious app can request another app to display a specific screen (like your inbox, map, or authentication code). While that content is being drawn, the attacker measures how long individual pixel operations take — a timing “side-channel.”

By repeating this same cycle across different coordinates, an adversary can reconstruct your screen image one pixel at a time and read the sensitive information directly from your screen. The researchers found that Signal, Gmail, Google Authenticator, Venmo, and Google Maps are all susceptible, so even security-conscious users are exposed.

Test Results and Affected Devices

The research team from UC Berkeley, UC San Diego, Carnegie Mellon and the University of Washington tested their exploit on flagship phones such as the Pixel 10 and Galaxy S25 Ultra. They succeeded in extracting real data from protected apps, including retrieving two-factor authentication codes within 30 seconds, without triggering any user alerts or system warnings.

The flaw is being tracked by Google as CVE-2025-48561 and was partially addressed in the September 2025 Android security update, with more complete fixes expected shortly thereafter. However, researchers noted that some workarounds can still bypass the initial mitigation, though Google says there have been no real-world attacks using Pixnapping so far.

How to Stay Safe from Pixnapping

Until a permanent fix rolls out, you can reduce your risk by:

- Installing security updates immediately when available.

- Avoiding apps from untrusted sources or third-party app stores.

- Using stronger two-factor authentication methods, such as a physical security key or an authenticator on a separate device.
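
To act on the first item across more than one phone, the script below (an added example, not from the researchers or Google) classifies each device's Android security patch level against the September 2025 update mentioned above. It assumes any patch level dated 2025-09 or later contains that partial mitigation; the inventory serials and dates are constructed sample data.

```shell
#!/bin/sh
# Added example: audit Android security patch levels for the partial
# CVE-2025-48561 mitigation described in the article.
# Assumption: a patch level of 2025-09 or later includes that update.
BASELINE="2025-09"

# classify_patch_level YYYY-MM-DD
# Prints: unpatched (older than baseline), partial (has the September 2025
# mitigation, which the article says is incomplete), or invalid.
classify_patch_level() {
    level=$1
    # Validate the shape strictly; the property can be empty or malformed.
    case $level in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo invalid; return 0 ;;
    esac
    ym=${level%-*}                                   # drop the day: YYYY-MM
    have=$(printf '%s' "$ym" | tr -d '-')            # YYYYMM as a number
    need=$(printf '%s' "$BASELINE" | tr -d '-')
    if [ "$have" -lt "$need" ]; then
        echo unpatched
    else
        echo partial
    fi
}

# device_patch_level SERIAL: read the patch level from a connected device.
# adb output may end in a carriage return, so strip it before classifying.
device_patch_level() {
    adb -s "$1" shell getprop ro.build.version.security_patch | tr -d '\r'
}

# audit_inventory: reads "serial patch_level" lines on stdin and prints
# "serial status" for each device.
audit_inventory() {
    while read -r serial level; do
        [ -n "$serial" ] || continue
        echo "$serial $(classify_patch_level "$level")"
    done
}

# Constructed sample inventory (serials and dates are made up).
SAMPLE_INVENTORY='DEV-A 2025-08-05
DEV-B 2025-09-01
DEV-C 2025-10-05
DEV-D unknown'
```

Run `printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory` to see the report; devices reported as `partial` still need the later, more complete fix once it ships.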

Pixnapping is a reminder that even the pixels on your screen — something most of us take for granted — can become a security weak spot. Keeping your device updated and tightening app permissions are your best defenses for now.