PlaceRaider malware takes a picture after hijacking a phone. It found a check.. (via Naval Surface Warfare Center)
Spyware, computer viruses and other malware aim at stealing information, catching you off guard, using your system in whichever way the programmer desires. These Trojan programs are commonly thought to be limited to stealing purely digital information like keystrokes, saved passwords, usernames etc. But researchers at the Naval Surface Warfare Center and the University of Indiana are bringing awareness to the fact that hacks could access a much more personal information from the device that travels with you everywhere: your smartphone.
Researchers have been revising the possible ways to gain someone’s personal information by hijacking a smartphone’s sensors like the microphone. This new malware, called PlaceRaider, hijacks your Android’s sensors, along with its camera, in order to take pictures when the phone is oriented in a certain way, like when it is upright and by chance in front of your computer or your desk at home.
This malware could be installed behind any downloaded app just as viruses are hidden in email attachments. The program stays covert by muting sounds made by the phone during picture taking and blocking the preview of pictures. Using the phones gyroscope and accelerometer, researcher Robert Tempelman and his team can make sure pictures are only taken while the phone is in a useful orientation instead of when its moving around in your pocket. Although this allows for a lot of redundant and useless pictures this minimizes and prevents mass amounts of information from clogging the smartphone’s communication.
The photos are then sent to the culprit where they can be analyzed and used to create 3D maps. These maps can then be sifted for information like financial documents, account numbers, whatever is on your computer screen or any other personal information that can be gathered. The team has conducted two human studies where they show the effectiveness of this approach.
This may be another reason for being paranoid of cybercrime, but the team made this software in hope of bringing awareness to its existence. The team has proposed possible defenses against this type of malware, like hardware that does not allow software to mute the speakers. They say it is very unlikely that individuals would have access to the resources needed to write such malware, but they do urge consumers to be weary of apps that access the camera and the Internet. This research was realized with a grant from the National Science Foundation. Although individuals might not be able to write such intricate software, who knows about Big Brother or those pesky corporations.
As cyberwarfare rages worldwide, be vigilant.