Brian Krebs has used information from F-Secure's analysis to track down the man

Aug 28, 2013 12:26 GMT

Brian Krebs has managed to track down the man who created Pincer, an Android Trojan that poses as a security certificate in an effort to steal information and text messages from infected devices.

F-Secure researchers analyzed Trojan:Android/Pincer.A earlier this year. They identified a class called USSDDumbExtendedNetworkService and a variable set to senneco.com.

F-Secure experts noted that the domain, which they redacted at the time, appeared to be connected to a Russian Android developer.

By using the information from F-Secure, Krebs found Google+ and Twitter accounts associated with the domain. They belonged to 32-year-old Yuri Shmakov from Novosibirsk, Russia.

Interestingly, Shmakov, who works for a Russian mobile app development firm, responded to the emails Krebs sent him.

He admitted to developing Pincer for someone with the email address [email protected].

Initially, Shmakov hoped that the app he developed would be a “really helpful” spam filter. He realized that this wasn’t what his client wanted, but he completed the project anyway.

It’s worth noting that Russia doesn't tolerate freelancers who develop malware. Earlier this year, Russian authorities arrested several individuals involved in the development of the Carberp Trojan.