A new app can 'virtually steal' from your home - by turning on your phone's camera and beaming images back to thieves.
The software can even build up a 3D model of your home, from which the hackers can inspect your rooms, potentially gleaning information about valuables in your home, calendar entries as well as spying on you.
The app was created by US military experts at Naval Surface Warfare Center in Crane, Indiana,to show how cybercriminals could operate in the future.
The PlaiceRaider creators even demonstrated how they could read the numbers of a cheque book when they tested the Android software on 20 volunteers.
As long as the app could be installed on the users phone, it can instantly begin beaming back images from the phone when it senses the right conditions, and software on the other end can then re-construct maps of the visited room.
The team gave their infected phone to 20 individuals, who did not know about the malicious app, and asked them to continue operating in their normal office environment.
The team said they could glean vital information from all 20 users, and that the 3D reconstruction made it much easier to steal information than by just using the images alone.
Researcher Robert Templeman said their app can run in the background of any smartphone using the Android 2.3 operating system.
The research team said: 'Through completely opportunistic use of the phone's camera and other sensors, PlaceRaider constructs rich, three dimensional models of indoor environments.
'Remote burglars can thus "download" the physical space, study the environment carefully, and steal virtual objects from the environment (such as financial documents, information on computer monitors, and personally identifiable information).'
PlaiceRaider will silently take photographs, recording the time, location and orientation due to the sensors within most modern smartphones.
It will then delete any blurred or dark shots, before sending the rest back to a central server, which can reconstruct the user's room, based on information such as phone orientation.
Then the hacker can explore the user's property at will - for instance, scanning the room for calendars, private details on computer screens, and cheque-books or card details.
Templeman said: 'We implemented on Android for practical reasons, but we expect such malware to generalize to other platforms such as iOS and Windows Phone.'
The team offered various ways in which phone manufacturers could secure their systems, for instance making it impossible to disable the shutter sound on phones, so that a user will know if a picture is being taken.
Some manufacturers have done this previously, after many cases of mobiles being used surreptitiously for illegal or immoral purposes, but the sound can be disabled on many models.