A newly discovered Android vulnerability, dubbed Pixnapping, poses a significant threat to users' Bitcoin security by enabling malicious apps to steal on-screen recovery phrases and 2FA codes. Researchers found that the attack leverages semi-transparent overlays and precise timing to reconstruct pixel data, allowing the capture of sensitive information displayed on Android devices. Tests on Pixel devices revealed that 6-digit 2FA codes could be intercepted within 14 to 26 seconds, with a success rate of up to 73%. The vulnerability affects Android versions 13 through 16 and potentially impacts other device models. Google has classified the issue as high severity and is actively developing mitigations. To safeguard against this threat, experts advise using hardware wallets to prevent sensitive data from being exposed on-screen.