This new Android exploit can steal everything on your screen - even 2FA codes
zdnet.com
Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
- Pixnapping could be used to steal private data, including 2FA codes.
- Side-channel attack abuses Google Android APIs to steal data on display.
- Flaw is partially patched, although a more complete fix is due in December.
A new attack method demonstrated by researchers could lead to the theft of two-factor authentication (2FA) codes and more on Android devices.
Also: This fundamental Android feature is 'absolutely not' going away, says Google - but it is changing
The attack technique, detailed in a paper titled Pixnapping: Bringing Pixel Stealing out of the Stone Age (PDF), has been developed by researchers from the University of California, Berkeley, San Diego, Washington, and Carnegie Mellon.
Dubbed "Pixnapping," this attack vector begins when a victim unknowingly installs a malicious mobile application on their Android smartphone.
Notably, the app doesn't ...
Copyright of this story solely belongs to zdnet.com . To see the full text click HERE