Let’s excerpt a bit more. The article clarifies that this Android malware is an academic project released only to in-house test participants and is intended to illustrate how—and, importantly, why—someone might build something like this:
PlaceRaider, which was summarized in a recent arXiv paper, is a piece of “visual malware” which smartphone cameras, accelerometers, and gyroscopes, to reconstruct victims’ rooms and offices. The trojan runs in the background of any phone running Android 2.3 or above, and is hidden in a photography app that gives PlaceRaider the necessary permissions to access the camera and upload images. Once installed, PlaceRaider quietly takes pictures at random that are tagged with the time, location, and orientation of the phone. PlaceRaider also, of course, mutes the phone’s shutter sound.
This is where the fun begins. Once pictures are taken, PlaceRaider’s algorithms filter out dark or blurry photos and upload the rest to a central server. As pictures are uploaded onto the central server, they are knitted together into a 3D model of the indoor location where the pics were taken. If a user’s credit card, bank information, or personal information happen to be out in the open—all the better. End users will also be able to get the full layout of a victim’s office or room.