The vulnerability in image processing of Google’s Pixel smartphones allows for the recovery of screenshots that have subsequently been largely changed. As a result, sensitive data such as addresses or payment information that has been cut out or painted over from images can be reproduced. The vulnerability has since been fixed by Google, but previously distributed images still contain the original information.
According to the vulnerability discoverers, this was already introduced with Android 9 (Pie) 2018. Since then, Google has overwritten later changed screenshots on Pixel smartphones with the original file, but keeps it if the new version is smaller than the original one. This is the case, for example, when a credit card number or other personal information is cut off. Android screenshot image processing (markup) just overwrites the beginning of the original file, the rest is left. Malicious colleagues can use the vulnerability known as “Acropalypse” to recover data that has been intentionally cut or rendered unrecognizable.
The vulnerability (CVE-2023-21036) discovered by Simon Aarons and David Buchanan was reported to Google in early January. With the Android March update, this vulnerability has been closed, so that it is no longer possible to restore the original file from screenshots. Previously generated screenshots still contain the original data. If it’s shared on Discord, for example, it’s vulnerable to exploits.
Not a Twitter problem, but Discord
Other social networks like Twitter upload the images themselves, removing the attached and truncated data. Discord didn’t introduce this feature until mid-January of this year, so screenshots uploaded there will still contain the original written data. It remains unclear whether the fix for the vulnerability was done in coordination with Google, or if it was a coincidence of timing.
With the March update, Google has already fixed some critical vulnerabilities in Android. This includes a zero-day vulnerability with Samsung’s Exynos modem chips. Google itself refers to the encoding exploit in a file Android Security Bulletin Not critical, but very serious. The March update is currently being distributed for Pixel smartphones, but the user must check the system settings to see if it needs to be installed manually.
Users can use a file Internet finders website Due to the vulnerability, the modified screenshots still contain the original information. There you first select the affected pixel model and then upload the screenshot. The image recovered from the exploit is then shown, showing whether sensitive data can be reproduced.
“Subtly charming coffee scholar. General zombie junkie. Introvert. Alcohol nerd. Travel lover. Twitter specialist. Freelance student.”
Silent Hill: Leaker: Trailers for several titles are coming soon
Better to delete it directly: the popular Android app is secretly eavesdropping on its users
Teufel Rockster Air is currently €100 cheaper – with free shipping