The secret’s out: cropped and edited pictures can be restored

Do you edit images in Windows 11 or on Google Pixel? Due to a developer error, hidden information in cropped or edited pictures can be recovered.

How to restore information in an edited screenshot

You might think that hiding sensitive information in a picture is a cakewalk. Just blot out your secrets with a big black marker in any image editor. Or even better: just crop the bit of the photo or screenshot that contains your personal data. What could possibly go wrong?

Quite a lot, in fact. We’ve already posted about how not to hide information in images and how not to retouch pictures embedded in documents. But a recent study shows that you can still come a cropper, so to speak, even if you take just about every conceivable precaution — and all due to a bug related to image processing. Let’s take a closer look at how two standard image-editing tools — one on Google Pixel and the other in Windows 11 — can reveal supposedly hidden information in images.

How to recover hidden information in screenshots edited on Google Pixel

It all started when security researchers Simon Aarons and David Buchanan discovered a vulnerability they named Acropalypse: it turns out that Markup, the Google Pixel built-in image editor, saves edited PNG files in a way that lets them be fully or partially recovered.

When processing PNG images, instead of saving a completely new PNG file, Markup overwrites the old one in a very peculiar way. If you crop a picture, its size in bytes compared to the original decreases, of course. The same thing happens if you paint over part of an image with a single color — thanks to the compression algorithms that are very good at packing solid-colored areas. But the file saved after editing in Markup has the same size as the original: the app simply overwrites the new data on top of the old, leaving a “tail” of the initial image data in the file. And with the help of a tool created by the researchers (available online), it’s possible to partially restore the original.

Here’s how the researchers themselves illustrate what’s going on:

Illustration of the concept behind the Acropalypse vulnerability

Recovery of an image edited with Google Pixel Markup. Source

Note, though, that the screenshot used as the example here is both redacted AND cropped. Thus, importantly, the resulting image is significantly smaller than the original. After the edited version is saved on top of the original, there’s a lot of non-overwritten data at the end of the file that can be recovered. And the fully unrestored or badly-restored area — the top third of the resulting picture — just so happens to contain nothing important.

So the researchers’ demonstration should be taken as an ideal case: in real life, the success of the tool will almost certainly be lower, and the result will largely depend on the circumstances. But that doesn’t mean the problem can be ignored — this vulnerability is nothing if not very unpleasant.

It affects the following Google smartphones (highlighted are models that are no longer supported and will probably not get updates):

  • Google Pixel 3, 3 XL, 3a, 3a XL
  • Google Pixel 4, 4 XL, 4a, 4a(5G)
  • Google Pixel 5, 5a
  • Google Pixel 6, 6 Pro, 6a
  • Google Pixel 7, 7 Pro

In addition to its colloquial name, Acropalypse, the vulnerability was designated CVE-2023-21036. It has already been patched in the March Android update for the Pixel smartphones. Alas, the update is powerless to fix old edited screenshots that have already been published or otherwise shared.

How to recover hidden information in screenshots edited in Windows 11

After Aarons and Buchanan posted their findings on Twitter, other researchers took up the cause. Logically assuming that other image-editing tools might use the same flawed mechanism for overwriting PNG files, they began to look for new vulnerable applications. And they found them, of course: a similar bug was detected in Snipping Tool, a screenshot utility in Windows 11.

Windows 11 Snipping Tool has exactly the same problem: the app overwrites edited PNG files on top of the original, and when the new file is smaller, some data from the original remains at the end of the file, from which the uncut image can be partially reconstructed.

See this article on BleepingComputer for more details:

Acropalypse vulnerability in Windows 11 Snipping Tool

Recovery of an image edited with Windows 11 Snipping Tool. Source

Although in this case a smaller part of the original image was restored, the result is still impressive. Note that the problem seems to be confined only to Snipping Tool and only to the Windows 11 version. So users of earlier versions of Windows, or those who prefer to edit screenshots in Paint or a full-fledged graphics editor like Photoshop, aren’t affected.

The vulnerability in Windows 11 Snipping Tool remains unclosed. But, again, even when an update arrives, it won’t fix the problem with screenshots that are already out there.

What to do?

If you use Windows 11 Snipping Tool, or have a Google Pixel smartphone (gen 3–7), and you’ve posted cropped or edited screenshots with passwords somewhere, consider those passwords compromised: change them immediately. Sure, you might struggle to remember every such instance, and in any case there’s nothing much you can do about it: there do exist Python scripts and YARA rules for finding and treating such PNG images, but these are only for techies.

On a final note, here are some tips on how to safely retouch images with sensitive data that you plan to post online or send to someone you don’t know if you can fully trust:

  • If you prefer to hide your secrets by painting over them or filling the area with solid color, make sure that the opacity is set to 100%.
  • If you opt for pixelating or smearing, bear in mind that this operation is reversible.
  • If you’re cropping, save the image to a new file — preferably using Photoshop’s Save for Web tool or an equivalent: such a tool will definitely slice off the unwanted part of the file for the sake of optimization.

Lastly, before posting a picture that could spill a bean or two, ask yourself: is posting it really necessary?