Only yesterday I caught wind of the fact that, if you're using certain Android phones, and you click on a link sent to you by someone evil, you could wipe every bit of data off your phone just like that. (The Samsung fix for the problem is here.) That's kind of scary, but in terms of creepiness, it doesn't rank with the malware I caught wind of today. It's called PlaceRaider, and I'll let Fast Company describe it:
The trojan runs in the background of any phone running Android 2.3 or above, and is hidden in a photography app that gives PlaceRaider the necessary permissions to access the camera and upload images. Once installed, PlaceRaider quietly takes pictures at random that are tagged with the time, location, and orientation of the phone. PlaceRaider also, of course, mutes the phone's shutter sound.
This is where the fun begins. Once pictures are taken, PlaceRaider's algorithms filter out dark or blurry photos and upload the rest to a central server. As pictures are uploaded onto the central server, they are knitted together into a 3D model of the indoor location where the pics were taken. If a user's credit card, bank information, or personal information happen to be out in the open--all the better. End users will also be able to get the full layout of a victim's office or room.
And now for the good news: PlaceRaider isn't loose in the wild. It was designed as an academic exercise by a team at Indiana University. But maybe the exercise isn't purely academic. The head of the project, Robert Templeman, also works at the Naval Surface Warfare Center. Hmmm....
[Full disclosure: I guess if I'm going to write something that might seem to reflect unfavorably on Android, I should disclose that my SEP-IRA contains some Microsoft stock. And maybe I should disclose that my brother works for Microsoft (though not the smartphone part). And maybe I should even add that I own a Windows phone. But, if it will help dispel suspicions that I'm shilling for Microsoft, I can add that the native podcast app on my Windows phone has quit downloading podcasts via wifi, and that's very, very annoying.]
[Photos: Fast Company]