Proof of concept Android malware creates 3D maps of your home


Researchers say that they have created a malicious Android application that uses the phone’s embedded camera and other spatial sensors to create 3D visual maps of the owner’s home and other spaces.

The proof of concept malware, dubbed PlaceRaider, was designed by researchers working for the U.S. Navy and the University of Indiana.

Running on Android mobile devices, it was designed to call attention to the ways that rapidly evolving mobile platforms might enable new forms of virtual theft.

Writing in a paper (pdf) published Thursday, the researchers said more powerful phones have created an opening for what they dub “sensory malware” that leverages the growing number of on-board sensors in the latest model mobile phones like the iPhone 5 and Android devices.

To prove their point, the researchers created PlaceRaider to demonstrate how remote hackers could construct “rich three-dimensional (3D) models of the smartphone’s owner’s personal indoor spaces”.

The malware uses a phone’s embedded sensors, such as its GPS and accelerometer, to determine when the victim is moving within the space. The onboard camera is then used to opportunistically snap shots of interior spaces and transfer them to a remote server, which assembles them to form a 3D model of the space.


Androids were particularly well-suited for the task. The authors noted, with surprise, that the Android API doesn’t require any special permissions for an application to access sensor data on the phone, such as the accelerometer or gyroscope.

And users could easily be tricked into granting those permissions that were needed – such as to access the camera or write to local storage – by bundling PlaceRaider into a camera app, the authors said.

In a test, the researchers installed PlaceRaider on a subject’s phone and tracked their movements and the spaces they occupied.

Researchers tested the ability of the application to export large quantities of data, and of the test subjects to then use that data to snoop on occupants: zooming in to observe the content of information displayed on computer screens or papers in the target’s home or workplace, according to the research report.

PlaceRaider and other malicious “sensory” applications like it are well within the capabilities of modern phones and modern malware authors.

However, the researchers did have to clear some technical hurdles in implementing it. Heuristic sensors were needed to weed out junk photos that didn’t reveal any new information about a space, and the volume of data collected by the malware is large enough that it could overwhelm a phone. That required the authors to create a way for PlaceRaider to automatically compress the data it was transmitting.

In addition to the malware, the authors also created tools to exploit the data the application collects. For example: they built a tool that would allow attackers to visually navigate a victim’s 3D space and zoom in on areas that might contain sensitive information. The phone could then be instructed to retrieve new, high resolution images of those spaces.

The authors recommend a number of changes to smartphones to make malware like PlaceRaider harder to implement.

Android and iOS devices could require permissions to access sensor data, and could alert users when applications appear to be using sensors – including the camera – in surreptitious ways.

Even small changes would have made it harder for PlaceRaider to achieve its goals. For example: phone makers might require physical interaction with the phone to operate the camera, or make it impossible to take a photo without the shutter sound.
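The alerting idea above can be sketched as detection logic. This is an added example, not code from the paper or from this article: it flags camera captures that happen with the screen off or without a recent touch in the capturing app. The event schema, app names and thresholds are assumptions made for illustration, not an Android log format.

```python
from collections import defaultdict

# Constructed sample events (hypothetical schema): (seconds, source, event),
# where event is "screen_on", "screen_off", "touch" or "capture".
SAMPLE_EVENTS = [
    (0,  "system",              "screen_on"),
    (5,  "com.example.cam",     "touch"),
    (6,  "com.example.cam",     "capture"),   # user pressed the shutter
    (30, "system",              "screen_off"),
    (45, "com.example.cam",     "capture"),   # screen off, nobody touching
    (47, "com.example.cam",     "capture"),
    (60, "system",              "screen_on"),
    (62, "com.example.notes",   "touch"),
    (63, "com.example.cam",     "capture"),   # touch went to another app
    (70, "com.example.scanner", "touch"),
    (71, "com.example.scanner", "capture"),   # legitimate, user-driven
]

def audit_captures(events, touch_window=3.0):
    """Return {app: [(timestamp, reason), ...]} for captures with no user interaction."""
    screen_on = False
    last_touch = {}                 # app -> time of the last touch it received
    findings = defaultdict(list)
    for ts, app, event in sorted(events, key=lambda e: e[0]):
        if event == "screen_on":
            screen_on = True
        elif event == "screen_off":
            screen_on = False
        elif event == "touch":
            last_touch[app] = ts
        elif event == "capture":
            if not screen_on:
                findings[app].append((ts, "screen off"))
            elif ts - last_touch.get(app, float("-inf")) > touch_window:
                findings[app].append((ts, "no recent touch in this app"))
    return dict(findings)

def apps_to_alert(events, min_findings=2):
    """Apps with at least min_findings unattended captures (assumed alert threshold)."""
    audit = audit_captures(events)
    return sorted(app for app, hits in audit.items() if len(hits) >= min_findings)

if __name__ == "__main__":
    for app in apps_to_alert(SAMPLE_EVENTS):
        print(app, audit_captures(SAMPLE_EVENTS)[app])
```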

PlaceRaider image, courtesy of PlaceRaider: Virtual Theft in Physical Spaces with Smartphones paper. Camera in pocket and eye spy images, courtesy of Shutterstock.


16 Responses to Proof of concept Android malware creates 3D maps of your home

  1. catannea · 749 days ago

    Oh, no. Not that. I hate shutter sounds.

  2. Nigel · 749 days ago

    There's a segment in the popular film "The Avengers" wherein SHIELD appears to be hacking every mobile device in an effort to visually locate the bad guys. Sounded like sci-fi stuff, but apparently it's not so very far off the mark after all.

  3. S.Miller · 749 days ago

    This is the very reason the Android App store requires tighter restrictions. They should take a leaf out of Apple's book and vet the apps -before- they reach the marketplace.

  4. Mark · 749 days ago

    There is an obvious use for this, Industrial Espionage!

  5. Steve N. Mavronis · 749 days ago

    What about the free Sophos Mobile Security app that I have on my HTC Evo Design 3G smartphone? Would that help detect and prevent 'PlaceRaider' type malware?

  6. 2072 · 749 days ago

    "make it impossible to take a photo without the shutter sound."

    Very bad and annoying idea... sometimes it can be very useful to take photos without a loud and stupid shutter sound. This is for this kind of "security" feature that people root their devices or don't buy certain brands.

  7. Andy · 749 days ago

    And we all thought the sonic mapper in Nolan's "The Dark Knight" was something only meant for the movies.

  8. Pimpboy · 748 days ago

    Mighty Android falling behind its rivals. What will happen to the fanboys? Only god knows. Mass suicide I guess.

    Android uses automated bouncer program to check the apps unlike Apple which uses automated and manual checks to make sure they are safer. Charlie Miller demonstrated that he can penetrate and bypass bouncer security and filter process.

  9. @KirkInMontreal · 748 days ago

    I have the Samsung Galaxy Tab 10.1 - does anyone know if there is an app that I can install in case it gets taken/stolen/lost so I can track it? Thanks

  10. @zorfling · 748 days ago

    Is it wrong that this sounds awesome?! I WANT this app...

  11. guest · 747 days ago

    Can the 3D environment be adapted as a Half-Life map?

  12. Steve · 746 days ago

    Would they not just get some photos of the inside of people's pockets?

    • Ace · 746 days ago

      I wonder if they use the proximity sensor for that, or maybe just use an algorithm that discards the pictures that are too dark.

  13. Rose · 742 days ago

    I guess I'll put some masking tape over my phone camera's lens now.

  14. Deearr · 697 days ago

    Given that most phones are either face up/down if stationary or inside a pocket or bag, rather than hanging horizontally as you walk around, the camera hack isn't going to get much useful data.


About the author

Paul is a Boston-based reporter and industry analyst with more than a decade of experience covering the IT industry, cyber security and hacking. His work has appeared on threatpost.com, The Boston Globe, salon.com, NPR's Marketplace, Fortune Small Business, as well as industry publications including ZDNet, Computerworld, InfoWorld, eWeek, CIO, CSO and ITWorld.com. Paul got his 15 minutes as an expert guest on The Oprah Show - but that's a long story.