SIgnificant Security issue with the Android Platform on Cell Phones

[alarmguy]

They are working on a fix, part of it has been taken care of but Google states they hope to have the next patch out by Dec 2025
Pretty significant and interesting at the same time. Hackers can read(lack of better words) the phone screen of who they target. No one is really safe if you are a target, even with a late model Pixel or Samsung S25

The interesting part, the hack can use any app on the device to do this. I can't imagine the stuff out there that we most likely will never know.

It seems like it has been around for some time now. You know, like when you log onto something like your secure back account (or whatever) and you wait for the security code ... Interesting read. Its "out there" on multiple sites...
I just dug this one up but saw it someplace else last week

"Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data without the users' knowledge pixel-by-pixel."
https://thehackernews.com/2025/10/new-pixnapping-android-flaw-lets-rogue.html

This is even more detailed link if you want to read, along with a video of a hack taking place and how they do it;
"The researchers demonstrated Pixnapping on Google Pixel 6, 7, 8, and 9 devices, as well as Samsung Galaxy S25, running Android versions 13 through 16, and all of them were vulnerable to the new side-channel attack."
https://www.bleepingcomputer.com/ne...pping-attack-steals-mfa-codes-pixel-by-pixel/

....

 

[skyactiv]

Android is a Mess regarding how some phone makers deal with security updates.

 

[alarmguy]

Android is a Mess regarding how some phone makers deal with security updates.

What I find amazing is this hack can be performed through any app on the phone. There is a video in the second link.
Worse yet, Googles fix in Sept, the researchers were able to get around the fix. Making the fix a non-fix.

 

[Hall]

Android is a Mess regarding how some phone makers deal with security updates.

I used Android devices for many years and have nothing against them, but use iPhones now. If I did get an Android, it would have to be a Google Pixel just for the security / updates / patch reasons. Second reason would be no pre-loaded carrier or manufacturer garbage (not sure if that's still a thing or not though) that can't be uninstalled.

 

[Arc]

It's really something to see your android phone getting hacked in real time. I was waiting for my wife to finish her doctors appointment and I got a pop up from Applebee's so I text her to see if we were going out to eat and she said it wasn't her. Next google maps popped up showing our route to the out of town doctor and my location. From there everything started opening, mail, photos web browser etc. I also got a data warning saying I was reaching my limit because they were downloading my phone. At that point I shut it off and restarted the phone. When I checked my firewall data it showed an unknown IP address and whois wouldn't show any info on it. Funny thing is it's happened several times and always when Im going out of town. Whoever it was they have me beat because no matter what I do they get access every time.

 

[alarmguy]

I used Android devices for many years and have nothing against them, but use iPhones now. If I did get an Android, it would have to be a Google Pixel just for the security / updates / patch reasons. Second reason would be no pre-loaded carrier or manufacturer garbage (not sure if that's still a thing or not though) that can't be uninstalled.

I feel the same, if ever, it would be a Pixel.
With that said my wife and I are now fully integrated into Apple's sphere and no real way out that can integrate easily in the Android platform. From Apple Watches, to MacBook Air to two Mac mini Desktops and an iPad. The stuff just works.

I do get ADD *LOL* I love electronics and after using Apple devices for many years now, I wish there was some glaring change on iPhone offerings, even though my iPhone 15 plus is only 7 months old before that was the 13 and before that the XR... honestly if there was an easy way, I would try a new Pixel for fun. We always (mostly) bought our own phones, so not to have the garbage preinstalled by the carriers. Not sure if it's still the same from many years ago or not either.

I dont know about the future, VERY upset Apple discontinued offering the "Plus" line for the new iPhone 17 line. I love the screen size of the plus as it's just perfect. Instead we got the "dog" iPhone Air 17 which I read cut back production by 80% as it's not meeting demand but all the others are. Anyway I got a few years to think about it now. Most I keep my phones is around 3 years

 

[Hall]

Whoever it was they have me beat because no matter what I do they get access every time.

They've probably locked on to you based on your IMEI, MAC address, etc (something hard-coded to the device, not just your IP address, which changes). Then again, I haven't read up on this so maybe it's simply that your phone "phones home" to whoever is operating this exploit.

 

[wavinwayne]

I only use cheap Android phones, I'm weird that way. My current phone is a 2 year old Motorola something-or-other. I'll let you all know how the hack goes.

 

[Hall]

and no real way out that can integrate easily in the Android platform. From Apple Watches, to MacBook Air to two Mac mini Desktops and an iPad.

I also have an Apple Watch, Macbooks, and use a mini Mac at work, but other than the watch, I think I could deal with the disconnect. Then again, I do share stuff via Airdrop, copy and paste across devices, and love having Messages on my laptop(s).

I dont know about the future, VERY upset Apple discontinued offering the "Plus" line for the new iPhone 17 line. I love the screen size of the plus as it's just perfect. Instead we got the "dog" iPhone Air 17 which I read cut back production by 80%

Pro Max ? When I first switched to iPhone, I took my wife's 6+ to see how I liked iOS. The device itself was way too big for my liking though. I want it to fit in my pocket without hanging out at all. The trade-off I'm finding though is battery life (both daily and lifetime). I have a 15 right now and in 16 months, the battery life is down to 90%. In my experience, once it reaches 87-88%, you can't go much longer than 8-10 hours without having to at least charge it for a little bit. My wife and daughters have always gotten the slightly larger models, with larger batteries, and don't run into this as much.

 

[JTK]

I only use cheap Android phones, I'm weird that way. My current phone is a 2 year old Motorola something-or-other. I'll let you all know how the hack goes.

Same here. I buy ~$200 motos and keep them 2-3yrs.

 

[Wireman1987]

scary world out there.

 

[Hall]

I only use cheap Android phones

I've been asked to 'help' people clean up / reset / etc some really cheap Androids (often on pre-paid plans, Cricket, etc) and always found them to be so cheap-feeling and junk. Also, the version of Android they're running can be multiple, MAJOR versions behind and stuck there. Has it improved ?

 

[wavinwayne]

I've been asked to 'help' people clean up / reset / etc some really cheap Androids (often on pre-paid plans, Cricket, etc) and always found them to be so cheap-feeling and junk. Also, the version of Android they're running can be multiple, MAJOR versions behind and stuck there. Has it improved ?

Still a vast difference in quality between the cheap Androids like mine and the top of the line models. I guess I do what I do so I can just get a new phone for ~$200, pop my SIM card in and keep rolling. My wife and kids use iPhones.

 

[ripcord]

Same here. I buy ~$200 motos and keep them 2-3yrs.

I couldn't live without the Moto tomahawk chop flashlight feature.

 

[alarmguy]

I also have an Apple Watch, Macbooks, and use a mini Mac at work, but other than the watch, I think I could deal with the disconnect. Then again, I do share stuff via Airdrop, copy and paste across devices, and love having Messages on my laptop(s).

Pro Max ? When I first switched to iPhone, I took my wife's 6+ to see how I liked iOS. The device itself was way too big for my liking though. I want it to fit in my pocket without hanging out at all. The trade-off I'm finding though is battery life (both daily and lifetime). I have a 15 right now and in 16 months, the battery life is down to 90%. In my experience, once it reaches 87-88%, you can't go much longer than 8-10 hours without having to at least charge it for a little bit. My wife and daughters have always gotten the slightly larger models, with larger batteries, and don't run into this as much.

Yeah, the Pro-Max is even a larger screen at 6.7 I know I cant live in the past but the 6.5 and associated price of the plus was perfect for me. The Max Pro is too large and expensive for me at least right now, I dont think I would get any more satisfaction spending the additional cost for a Max Pro over a 15+ or 16+ actually it would just rub me the wrong way that they took away the larger screen offering for the plus option. I love Apple products and the company but this is one thing I do not love about them at the current time. Now if in the price range of a Max Pro was a foldable version or something significantly different that I can use I might see the value in that but not for the current offering.

My wife's iPhone 13 now 3.5 years old is at 88%. With that said she works during the day and not on her phone 1/5th the time I am but when I traded my 13 in for the 15+ at 3 years old as the time I was right around the 89% mark

Well, yeah, the watch would be the biggest disconnect issue for me. With that said, after decades of Windows I would never want to go back there. Yup, same here with airdrop and also the ease of sharing stuff even with family as my entire family circle uses Apple devices... except for one daughter in law. I do admit though, like I said, for fun I would love to try out a Pixel 10. Its now been a very long time since I had an Android phone

 

[Skippy722]

Yeah, the Pro-Max is even a larger screen at 6.7 I know I cant live in the past but the 6.5 and associated price of the plus was perfect for me. The Max Pro is too large and expensive for me at least right now, I dont think I would get any more satisfaction spending the additional cost for a Max Pro over a 15+ or 16+ actually it would just rub me the wrong way that they took away the larger screen offering for the plus option. I love Apple products and the company but this is one thing I do not love about them at the current time. Now if in the price range of a Max Pro was a foldable version or something significantly different that I can use I might see the value in that but not for the current offering.

My wife's iPhone 13 now 3.5 years old is at 88%. With that said she works during the day and not on her phone 1/5th the time I am but when I traded my 13 in for the 15+ at 3 years old as the time I was right around the 89% mark

Well, yeah, the watch would be the biggest disconnect issue for me. With that said, after decades of Windows I would never want to go back there. Yup, same here with airdrop and also the ease of sharing stuff even with family as my entire family circle uses Apple devices... except for one daughter in law. I do admit though, like I said, for fun I would love to try out a Pixel 10. Its now been a very long time since I had an Android phone

It wasn't that hard to leave Apple's ecosystem.... Getting all our passwords out of keychain was probably the hardest (you basically download them from safari as an unencrypted csv file), and relearning muscle memory for certain things.

But my god does android handle notifications SO MUCH BETTER. My group chat in signal sometimes gets a bit crazy, on iOS I would have like 10 separate notification bubbles for it with a varying array of notifications per... On android they're all simply lumped together. Same for my home camera notifications. Any phone calls labeled "spam" I simply don't even get a notification for.

Oh.... And YouTube premium family plan billed through apple is $30/month, it's $23 on android. RCS was the game changer for me though, the lack of it is was what kept me on iOS. Even my wife, who isn't a "techy" by any means is enjoying her pixel 10 pro, and I love my 10 pro XL.


Still debating whether I want to put graphene os on it when it's available for the 10's.... Neither of use use any of the AI features

 

[alarmguy]

It wasn't that hard to leave Apple's ecosystem.... Getting all our passwords out of keychain was probably the hardest (you basically download them from safari as an unencrypted csv file), and relearning muscle memory for certain things.

But my god does android handle notifications SO MUCH BETTER. My group chat in signal sometimes gets a bit crazy, on iOS I would have like 10 separate notification bubbles for it with a varying array of notifications per... On android they're all simply lumped together. Same for my home camera notifications. Any phone calls labeled "spam" I simply don't even get a notification for.

Oh.... And YouTube premium family plan billed through apple is $30/month, it's $23 on android. RCS was the game changer for me though, the lack of it is was what kept me on iOS. Even my wife, who isn't a "techy" by any means is enjoying her pixel 10 pro, and I love my 10 pro XL.


Still debating whether I want to put graphene os on it when it's available for the 10's.... Neither of use use any of the AI features

Choices are good and it works for you. Much of what you use isnt what I use or the wants I need. Except maybe I will use (you may not be aware) the newest iOS has a filter for phone calls. I dont use it and still waiting for one more update to come out on it. iOS 26.0.2 Even then my spam is not to bad. I remove myself from the major data sources that the companies use.

Most important to me is the Apple Watch/Iphone without that it's a non starter. The sync between my Desktop, Laptop and iPhone is nice. Almost all my texts are from my desktop sometimes laptop and iphone as well as email. Your mention of Keychain too, I love that no matter what device of the three that I use its all seamless.
No way do I want Windows in my life anymore and sure, to a degree, the comfort for me of more privacy and security. The latest Android issue is huge, quite amazing and they are scrambling to come up with a fix. The first fix failed but I am one not to worry as much about that stuff, we are all fish in a bowl and they think by Dec they will have a fix. I dont think there has ever been anything like it? I dont know.

Just for the record, as you know and I stated many times, if I was in the Android world it would be Pixel and a possible look at S25 from Samsung. But it's not for me. But never is a long time for any device or company so you never know. They just better have a darn good watch to go with it.

Yeah, AI. Right now I think a lot of fluff. However I did just install the latest ChatGPT and wow, I choose Jupiter's voice, she sounds incredible. I don even read the text answers, you really interact with her. Come a long way.

 

[Skippy722]

Choices are good and it works for you. Much of what you use isnt what I use or the wants I need. Except maybe I will use (you may not be aware) the newest iOS has a filter for phone calls. I dont use it and still waiting for one more update to come out on it. iOS 26.0.2 Even then my spam is not to bad. I remove myself from the major data sources that the companies use.

Most important to me is the Apple Watch/Iphone without that it's a non starter. The sync between my Desktop, Laptop and iPhone is nice. Almost all my texts are from my desktop sometimes laptop and iphone as well as email. Your mention of Keychain too, I love that no matter what device of the three that I use its all seamless.
No way do I want Windows in my life anymore and sure, to a degree, the comfort for me of more privacy and security. The latest Android issue is huge, quite amazing and they are scrambling to come up with a fix. The first fix failed but I am one not to worry as much about that stuff, we are all fish in a bowl and they think by Dec they will have a fix. I dont think there has ever been anything like it? I dont know.

Just for the record, as you know and I stated many times, if I was in the Android world it would be Pixel and a possible look at S25 from Samsung. But it's not for me. But never is a long time for any device or company so you never know. They just better have a darn good watch to go with it.

Oh we still have our iPhones tucked away just in case of whatever, and I will never go back to windows for a computer. I get the whole seamless thing though. And I'm not trying convert anyone, just giving my experience of switching. I very quickly clicked on this thread though to learn more, I wonder what the differences are that the 10's aren't affected

 

[alarmguy]

Oh we still have our iPhones tucked away just in case of whatever, and I will never go back to windows for a computer. I get the whole seamless thing though. And I'm not trying convert anyone, just giving my experience of switching. I very quickly clicked on this thread though to learn more, I wonder what the differences are that the 10's aren't affected

Much appreciated! I like to hear experiences... I never say never about anything .

 

[Arc]

They've probably locked on to you based on your IMEI, MAC address, etc (something hard-coded to the device, not just your IP address, which changes). Then again, I haven't read up on this so maybe it's simply that your phone "phones home" to whoever is operating this exploit.

My little brother got caught up in the big gathering in the north east that we can't talk about on here and eventually got arrested. My guess is they were investigating close family members for involvement. Looking for any pictures, location data or texts. I have a friend in law enforcement that said they received inquiries about my involvement. Lucky for me I stayed away from that mess. Anyway I know what was happening but I just wasn't up to speed enough on technology to stop them, I probably messed up and let my new cell phone connect to wifi or turned it on near my home. It happens.