Android Pixnapping Flaw Affecting Billions Of Devices Can Steal Your Data & 2FA Codes

Android users beware—a new form of Android malware dubbed Pixnapping has been revealed to the public, and in theory, all current Android devices running Android 13 or newer are vulnerable since "the core mechanisms enabling the attack are typically available in all Android devices." The attack can be leveraged from any running Android app, even if it does not have Android system permissions, and it can steal any visible information from other running apps, including chat messages and 2FA codes.

As the "Pixnapping" name implies, it's effectively "pic-snapping" sensitive information from other running applications to discreetly send back to the attacker, allowing for account hijacking and other security breaches. What's more, it can be executed in under 30 seconds on a modern Android device.

Thankfully, this isn't another remote code execution vulnerability like those addressed in January of this year by Google, but the umbrella of ...