They call it “visual malware”, dubbed PlaceRaider, and it secretly uses a hijacked smartphone’s camera and sensors to quietly create a three-dimensional model of the owner’s indoor environment. As the owner moves about the room, the smartphone software, which is designed to run on Android 2.3 or above, turns off the phone’s speaker and begins snapping pictures while silently mapping the person’s movement using the phone’s accelerometers and gyroscopes.
Once the pictures are complete, PlaceRaider filters the pictures and uploads what is required to a central server. The images are then knitted together into a 3D representation of the environment. That environment can then be “travelled” through in order to examine the room’s layout or items lying around the room such as financial documents, information displayed on a computer monitor, or any other personal information that they wish to spy on without actually entering the premise.
The trojan requires Android 2.3 or greater and runs silently in the background. In the included picture, you can see the 3D layout of the room on the left along with a close-up examination of a desktop where we see financial documents that were left lying on the surface.
PlaceRaider was created through a grant from the National Science Foundation awarded to researchers from Indiana University and the Naval Surface Warfare Center.