The vulnerability in image processing of Google’s Pixel smartphones allows for the recovery of screenshots that have subsequently been largely changed. As a result, sensitive data such as addresses or payment information that has been cut out or painted over from images can be reproduced. The vulnerability has since been fixed by Google, but previously distributed images still contain the original information.
According to the vulnerability discoverers, this was already introduced with Android 9 (Pie) 2018. Since then, Google has overwritten later changed screenshots on Pixel smartphones with the original file, but keeps it if the new version is smaller than the original one. This is the case, for example, when a credit card number or other personal information is cut off. Android screenshot image processing (markup) just overwrites the beginning of the original file, the rest is left. Malicious colleagues can use the vulnerability known as “Acropalypse” to recover data that has been intentionally cut or rendered unrecognizable.
The vulnerability (CVE-2023-21036) discovered by Simon Aarons and David Buchanan was reported to Google in early January. With the Android March update, this vulnerability has been closed, so that it is no longer possible to restore the original file from screenshots. Previously generated screenshots still contain the original data. If it’s shared on Discord, for example, it’s vulnerable to exploits.
Not a Twitter problem, but Discord
Other social networks like Twitter upload the images themselves, removing the attached and truncated data. Discord only introduced this feature in the middle of January this year, so screenshots uploaded there will still contain the original written data. It remains unclear whether the fix for the vulnerability was done in coordination with Google, or if it was a coincidence of timing.
With the March update, Google has already fixed some critical vulnerabilities in Android. This includes a zero-day vulnerability with Samsung’s Exynos modem chips. Google itself refers to the encoding exploit in a file Android Security Bulletin Not critical, but very serious. The March update is currently being distributed for Pixel smartphones, but the user must check the system settings to see if it needs to be installed manually.
Users can use a file Internet finders website Due to the vulnerability, the modified screenshots still contain the original information. There you first select the affected pixel model and then upload the screenshot. The image recovered from the exploit is then shown, showing whether sensitive data can be reproduced.
(fds)
“Social media evangelist. Baconaholic. Devoted reader. Twitter scholar. Avid coffee trailblazer.”
More Stories
Ubisoft wants to release a new Assassin's Creed game every 6 months!
A horror game from former developers at Rockstar
Turtle Beach offers the Stealth Pivot Controller for PC and Xbox