Researchers from several US universities have demonstrated a sophisticated attack on Android devices, dubbed Pixnapping. This technique enables malicious apps to steal sensitive pixel information displayed on the screen, including two-factor authentication (2FA) codes. By developing a pixel-stealing framework, the researchers were able to extract data from non-browser apps such as Google Maps and Signal, as well as websites like Gmail. This classic side-channel attack exploits physical signals emitted by the device rather than attacking software directly.
The testing proved successful on modern devices, including Google Pixel and Samsung Galaxy models. Although Google has implemented some patches, vulnerabilities remain, still affecting many Android users. To mitigate these risks, researchers recommend regular updates, cautious app installations, and awareness of suspicious permissions. Leveraging strong security measures, like real-time anti-malware, can further safeguard personal information from such harmful attacks. Attacks like Pixnapping illustrate the need for heightened cybersecurity awareness and the importance of continuous vigilance against emerging threats.
👉 Pročitaj original: Malware Bytes
