
The Venomous Pixnapping Frog Jumps on Android

  • Javier Conejo del Cerro
  • 14 Oct
  • 3 min read

Updated: 15 Oct


A venomous frog named Pixnapping leaps onto Android — a side-channel flaw that allows rogue apps to steal 2FA codes, Maps timelines, and on-screen data without any permissions. Found on Google and Samsung devices running Android 13–16, it abuses intents, activity layering, and a GPU side-channel to reconstruct pixels and extract private content. Tracked as CVE-2025-48561 (CVSS 5.5), it was patched in September 2025, though functional workarounds and an app-list bypass remain exploitable.


Phase 1: Setting the Trap — The Rogue App


Pixnapping starts when users install a seemingly harmless app, either from the Play Store or sideloaded from external sources. The malicious app requires no special permissions, a factor that makes it deceptively trustworthy. Once launched, it exploits legitimate Android APIs to interact with other applications and the rendering pipeline. By sending intents—the mechanisms Android uses for inter-app communication—the rogue app can invoke target apps such as Google Authenticator or Maps, pushing their visible content into the renderer without user consent.

This first phase is what enables the attack to run entirely under the guise of normal Android behavior, making detection by users or security software extremely difficult.


Phase 2: Layering and Stealing — The Pixel Capture


Here lies Pixnapping’s core innovation. The rogue app builds semi-transparent overlays on top of target app windows, stacking Android activities in layers. By manipulating the window blur API and observing minute timing differences, the malware uses a hardware side-channel known as GPU.zip—a compression feature in modern integrated GPUs—to measure how long blurring and rendering take across pixels.

These micro-timing leaks are then used to reconstruct the visual data of the victim app pixel-by-pixel. Within seconds, attackers can rebuild 2FA codes, Google Maps location timelines, or any displayed interface element containing sensitive information. Because this method never captures actual screenshots or requests screen-recording privileges, it bypasses Android’s permission model entirely.


Phase 3: Beyond Pixels — Persistence and App Fingerprinting


Beyond stealing what is visible, Pixnapping also enables attackers to infer which applications are installed on a device. By observing rendering behavior when sending intents to specific app activities, the malicious app can determine whether a target app exists—bypassing Android 11’s app-querying restrictions, which were designed to prevent exactly this kind of reconnaissance.


Although Google addressed the primary flaw in its September 2025 Android Security Bulletin, researchers confirmed that workarounds can re-enable Pixnapping, and that the app-list bypass remains unpatched, leaving part of the vector open for abuse.

Pixnapping underscores how the interaction of legitimate APIs, GPU behavior, and UI layering can create powerful side-channels for data theft. While the vulnerability’s CVSS 5.5 score may seem moderate, its ability to bypass permissions makes it unusually dangerous, especially for users of authentication or finance apps.


Mitigation measures include:


  • Apply the September 2025 Android Security update and future patches promptly.

  • Avoid sideloading or installing untrusted apps outside the Play Store.

  • Keep Google Play Protect enabled and remove any suspicious applications.

  • Developers of sensitive apps should allow users to opt out of layering and harden rendering routines.

  • Platform vendors must ensure GPU timing channels and measurement workarounds are fully closed.
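Since Pixnapping needs a rogue app on the device, auditing for packages that did not arrive through the Play Store is a quick check that supports the second and third points above. The script below is an added example, not code from the original post: it parses the output of `adb shell pm list packages -3 -i` (third-party packages with their installer) and flags any whose installer is not on a trusted list. The package names in the sample are constructed, and `TRUSTED_INSTALLERS` is an assumed allowlist you should adapt to your fleet.

```shell
#!/bin/sh
# Added example (not from the original post): list third-party Android packages whose
# installer is not a trusted store. Requires adb on PATH and a connected device for
# live use; the constructed sample lets it run offline.

# Installers treated as trusted (assumption: Play Store and Galaxy Store).
TRUSTED_INSTALLERS="com.android.vending com.sec.android.app.samsungapps"

# Constructed sample of `pm list packages -3 -i` output (not captured from a real device).
SAMPLE_PM_OUTPUT='package:com.example.notes  installer=com.android.vending
package:com.example.weatherwidget  installer=null
package:com.example.flashlight  installer=com.android.packageinstaller
package:com.example.galaxyapp  installer=com.sec.android.app.samsungapps'

# Print "<package> <installer>" for each package whose installer is not trusted.
# installer=null or com.android.packageinstaller usually means the APK was sideloaded.
flag_sideloaded() {
    printf '%s\n' "$1" | tr -d '\r' \
        | sed -n 's/^package:\([^ ]*\) *installer=\(.*\)$/\1 \2/p' \
        | awk -v trusted="$TRUSTED_INSTALLERS" '
            BEGIN { n = split(trusted, t, " "); for (i = 1; i <= n; i++) ok[t[i]] = 1 }
            !($2 in ok) { print $1, $2 }'
}

# Number of flagged packages, for quick triage.
count_sideloaded() {
    flag_sideloaded "$1" | wc -l | tr -d ' '
}

# Live use: pull the package list from the connected device.
audit_device() {
    flag_sideloaded "$(adb shell pm list packages -3 -i)"
}

# Offline demonstration on the constructed sample.
flag_sideloaded "$SAMPLE_PM_OUTPUT"
```

Flagged packages are candidates for review or removal, not proof of compromise; a locally built app installed by a developer shows up the same way.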


Pixnapping exposes how even well-secured platforms like Android can leak sensitive data through indirect channels when core APIs and GPU behaviors intersect. The flaw blurs the line between app-level and hardware-level isolation, proving that permissionless doesn’t mean harmless. While Google’s September 2025 patch closed the primary vector, residual workarounds and the app-listing bypass remind us that side-channel research remains a moving target — and that true security depends on hardening every layer of the ecosystem, from rendering to intent handling.



The Hacker News

