THE GOVERNMENT NOW CONTROLS YOUR SMARTPHONE CAMERA!
 - Researchers from the U.S. Naval Surface Warfare Center have developed malicious software that can remotely seize control of the camera on any smartphone and employ it to spy on the phone’s owner -

The malware, dubbed “PlaceRaider,” “allows remote hackers to reconstruct rich, three-dimensional models of the smartphone owner’s personal indoor spaces through completely opportunistic use of the camera,” the researchers said in a study published last week. This program uses images from the camera and positional information from the smartphone’s gyroscopic and other sensors to map anywhere the phone’s user spends a lot of time in, such as home or office, bedroom, etc.    PlaceRaider is the first known example of malware developed to exploit the high-definition cameras that are now ubiquitous on smartphones. The project was a collaboration between the Navy and researchers from the School of Informatics and Computing at Indiana University. These devices carry a suite of sensors capable of monitoring the environment in detail, powerful data processors and the ability to transmit and receive information at high rates.  Robert Templeman at the Naval Surface Warfare Center in Crane, Indiana, and a few pals at Indiana University reveal an entirely new class of 'visual malware' capable of recording and reconstructing a user's environment in 3D. This then allows the theft of virtual objects such as financial information, data on computer screens and identity-related information. Templeman and co call their visual malware PlaceRaider and have created it as an app capable of running in the background of any smartphone using the Android 2.3 operating system. PlaceRaider then runs in the background taking photos at random while recording the time, location and orientation of the phone. The malware mutes the phone as the photos are taken to hide the shutter sound, which would otherwise alert the user. The malware then performs some simple image filtering to get rid of blurred or dark images taken inside a pocket for example, and sends the rest to a central server. Here they are reconstructed into a 3D model of the user's space, using additional details such as the orientation and location of the camera.
A malicious user can then browse this space looking for objects worth stealing and sensitive data such as credit card details, identity data or calender details that reveal when the user might be away.
Templeman and co have carried out detailed tests of the app to see how well it works in realistic situations. They gave their infected phone to 20 individuals who were unaware of the malware and asked them to use it for various ordinary purposes in an office environment. They then evaluated the resulting photos by asking a group of other users to see how much information they could glean from them. Some of these users studied the raw images while the others studied the 3D models, both groups looking for basic information such as the number of walls in the room as well as more detailed info such as QR codes and personal checks lying around. They were able to build detailed models of the room from all the data sets. What's more, the 3D models made it vastly easier for malicious users to steal information from the personal office space than from the raw photos alone. That's an impressive piece of work that reveals some of the vulnerabilities of these powerful devices.And although the current version of the malware runs only on the Android platform, there is no reason why it couldn't be adapted for other systems. "We implemented on Android for practical reasons, but we expect such malware to generalize to other platforms such as iOS and Windows Phone,"  The message is clear, this kind of malware is a clear and present danger.
  READ ENTIRE ARTICLE            MIT REVIEW