According to the MIT Technology Review, researchers at Indiana University and the Naval Surface Warfare Center have developed a new form of malware designed to record and reconstruct a victim’s environment.
“[The researchers] call their visual malware PlaceRaider and have created it as an app capable of running in the background of any smartphone using the Android 2.3 operating system,” the article states. “Their idea is that the malware would be embedded in a camera app that the user would download and run, a process that would give the malware the permissions it needs to take photos and send them. PlaceRaider then runs in the background taking photos at random while recording the time, location and orientation of the phone.”
“Using that information, it can reliably build a 3D model of your home or office, and let cyber-intruders comb it for personal information like passwords on sticky notes, bank statements laying out on the coffee table, or anything else you might have lying around that could wind up the target of a raid on a later date,” writes Gizmodo’s Eric Limer.
“The project’s chief architect, Robert Templeman, also works at Indiana’s Naval Surface Warfare Center,” writes Fast Company’s Neal Ungerleider. “In tests, Templeman and his team had twenty participants recruited on a college campus unknowingly install PlaceRaider on their phones — participants were initially told they were participating in a study on smartphone use — and the software was automatically set to take 1MP pictures without the user’s knowledge. Once PlaceRaider had mapped out a test room (with planted financial and personal information) that was used in a study, a separate group of participants were able to use the 3D models created by the software to successfully find the financial data, bar codes, and QR codes that Templeman’s team had planted.”