‘Pixnapping’ Android attack could expose crypto wallet seed phrases — TradingView News
A newly discovered Android vulnerability enables malicious applications to access content displayed by other apps, potentially compromising crypto wallet recovery phrases, two-factor authentication (2FA) codes and more.
According to a recent research paper, the “Pixnapping” attack “bypasses all browser mitigations and can even steal secrets from non-browser apps.” This is possible by leveraging Android application programming interfaces (API) to calculate the content of a specific pixel displayed by a different application.
This is not as simple as the malicious application requesting and accessing the display content of another application. Instead, it layers a stack of attacker-controlled, semi-transparent activities to mask all…
