UC Berkeley, PhD candidate, Alan Wang said: "First, the malicious app opens the target app (e.g., Google Authenticator), submitting its pixels for rendering," and he went on to explain the timing trick in full.

The technique lets a hostile app pick a target pixel, perform graphical operations whose frame render time depends on that pixel’s colour, and then infer what was shown by measuring rendering times.

Researchers demonstrated the attack on five devices running Android 13 to Android 16 up until build id BP3A.250905.014: Google Pixel 6, Google Pixel 7, Google Pixel 8, Google Pixel 9 and Samsung Galaxy S25.

A malicious app implementing Pixnapping would need no special manifest permissions, the paper warns, making detection and prevention harder than you might hope.

The team detail their findings in a paper titled "Pixnapping: Bringing Pixel Stealing out of the Stone Age."

The attack can siphon content from apps such as Google Maps, Signal and Venmo and from websites including mail.google.com, and the researchers even showed it can grab two‑factor codes from Google Authenticator.

Other Android models were not tested, but the authors say the underlying mechanism that enables the timing channel is commonly available across devices.

Defences are not spelled out in the summary and the flaw remains unmitigated, leaving modern phones vulnerable to a conceptually simple but fiendishly effective side channel.