Scary New Malware Uses Your Phone To Make A Map Of Your House For Robbers

If you aren't careful, much of the tech you hold near and dear can be used against you. An app called PlaceRaider, for instance, can use your phone to build a full 3D map of your house, all without you suspecting a thing.

Developed by Robert Templeman at the Naval Surface Warfare centre and a few buddies from the University of Indiana, PlaceRader hijacks your phone's camera and takes a series of secret photographs, recording the time, and the phone's orientation and location with each shot. Using that information, it can reliably build a 3D model of your home or office, and let cyber-intruders comb it for personal information like passwords on sticky notes, bank statements laying out on the coffee table, or anything else you might have lying around that could wind up the target of a raid on a later date.

You might be asking yourself "why not just take video?" There are a couple of reasons. For one, users looking for things to steal found the 3D environments to be very useful in early tests of the app. More importantly, using photos and stitching them together after transmission minimizes the amount of data the phone has to be able to send, making the whole thing especially surreptitious.

That malware app was developed on Android for practical purposes -- presumably because the Android is a particularly open and tinker-friendly OS -- but there's no reason it couldn't show up on other mobile operating systems. From there, it's a just a matter of tricking the mark into installing an app which quietly asks for permission to control your camera, all the time. Now might be a good time to start thinking about smartphone lens caps. [Technology Review]

Image: GDubbed/Shutterstock



    I wanna just play with that software myself. Sounds pretty cool.

    Another reason to ROOT the phone and install a trusted firewall so that apps have to ask for permission to get internet access...

      Or just use iOS

        Sounds like a proof of concept program, not a malware problem, but since the concept doesn't need to use any exploits but just normal camera and data access it could be made a secret little part of any otherwise normal app on any system very easily without being spotted. That very much includes ios.

          True, except you are forgetting the Apple approval process. iOS apps are tested to see what APIs they use and how they use them. The only way this would gain approval is if they devs made it clear what the app did to the end user.

          Best case for would-be crims gaining access to this would be if the app sent the data to a 3rd party server for processing and the crims accessed those instead of the phone directly.

        We're trying NOT to get robbed here

        I'd rather not. Using an inferior product doesn't sound like my cup of tea

      Everything I've read about android firewalls (on rooted phones or not) suggests they're a waste of time at this point.

      lol, you might as well have anti virus and anti malware running on your phone all the time too.

        Symantec has anti virus software for android.

        Most of them are. Blocking network access is more difficult than just using Droidwall, because apps can use the browser to load URLs including data in the URL. LBE Droid is ok, but you need to havea deodexed ROM or it doesn't work properly. PDroid + PDroidAddon would be great, but it requires modification of the core Android framework files which means seriously messing with your phone. Also, PDroidAddon is only available for ICS, not JB.
        Probably the single easiest way to reduce the risk of this sort of thing is to include a small LED indicator next to each camera that is lit when the camera is in use. It is by no means foolproof, but at least it gives some indication that the camera is in use.

    has anyone considered how rare your phone will be pointing at something of value like that? if it isn't in youre pocket it will either be face-down on a table somewhere or facing the ceiling. And if you are using it, it will just point towards the floor

      Was thinking the same thing. The camera would give them very limited details about my home, but if they were able to use fine GPS data, they could perhaps at least get the layout of the house.

    And inside the walled garden, the rest of us are safe as…….. houses.

    Well my phone is usually placed camera down boy to mention i dont walk around with it

    This is stupid. Not only is my phone usually camera down, or in my pocket, or against a wall or in a draw or whatever. Even if it IS camera up, its facing the ceiling. I don't walk around with it pointing at things all day. And it certainly isn't going to have time to focus the camera on things like a bank statement or a "password on a sticky note"

    Sounds like fear mongering.

    If they've bugged my Nexus 7, good luck looking at my ugly mug, of them apparently 'mapping' this place.. bahaha.

    Who needs to take photo's , the new Iphone5 has a feature whereby if you recieve a call it and you choose remind me later , your phone creates (an invisible ring around you) and the split second you leave the room your phone will alert you to call the person who just called you , dont believe me..look it up on youtube.

    All someone has to do is write a code that doesnt need calls recieved to implement that feature and they can wirelessly map the whole place without anyone knowing . Raiders of the future will succeed because of people unaware of the technology they have and how to prevent stuff like this from happening.

      Your foil hat, sir.

    The camera on my Defy+ is terrible. Jokes on them.

    I may have missed something but what was the point of developing this? It wasn't a bunch of cyber terrorists it was Uni students? What practical, non theiving use does this have?
    Also, totally agree with the comments above saying that their phone is usually not taking awesome surveillance style landscape shots of their valuables lol. The thieves would be pretty knowledgable about my choice of footwear if they were interested? that all this is? I thought they might have developed a radar mapping tool like from the Batman Begins Movie. Now that wild have been scary.

    ^"developed by ...Naval Surface Warfare Group". Non thieving application: Thread a missile into a kitchen where nefarious activity is taking place, avoiding civilians in the bedrooms...

    so...all of you whom say your phone is *face-up* or *down* you 'never' walk around your house talking on said phone? Or do you lay it flat on your hand and hold it out walking and talking?
    Sure...proof of concept...but potential.

Join the discussion!