{"id":390,"date":"2017-03-21T14:55:49","date_gmt":"2017-03-21T14:55:49","guid":{"rendered":"https:\/\/eset-blog.aist.fun\/flashback-friday-operation-windigo\/"},"modified":"2019-05-29T12:07:31","modified_gmt":"2019-05-29T12:07:31","slug":"flashback-friday-operation-windigo","status":"publish","type":"post","link":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/","title":{"rendered":"Flashback Friday: Operation Windigo"},"content":{"rendered":"<h2><strong>Hunting the beast<\/strong><\/h2>\n<p class=\"wls-paragraph\">For readers familiar with mythology, the word Windigo might conjure up a vision of a fictional flesh-eating beast. In the world of cybersecurity, however, the term refers to a \u2018server consuming\u2019 malware-campaign uncovered by experts at ESET back in 2012, its name chosen due to the campaign\u2019s ability to gobble up servers and wreak havoc on victims. We take a look back at this campaign.<\/p>\n<h2><strong>First sighting<\/strong><\/h2>\n<p class=\"wls-paragraph\">First detected in 2011&nbsp;<a href=\"http:\/\/pastebin.com\/BKcmMd47\">by the Linux Foundation<\/a>, the malware campaign that later became known as Windigo was able to infiltrate around 25,000 servers over a two-year period (2012-2014), with the malicious gang behind it demonstrating a high level of technical expertise.<\/p>\n<p class=\"wls-paragraph\">After receiving the first Linux\/Cdorked sample from security firm Sucuri in March 2013, ESET launched Operation Windigo with the aim of analyzing the methods used by attackers, the extent of infection and the damage caused.<\/p>\n<p class=\"wls-paragraph\">This resulted in a <a href=\"http:\/\/welivesecuritycom\/wp-content\/uploads\/2014\/03\/operation_windigo.pdf\">detailed report<\/a> on the malware campaign and its impact in 2014. The comprehensive paper aimed to raise awareness of the operation through in-depth analysis, as well as details on how to detect infected hosts.<\/p>\n<p class=\"wls-paragraph\">It was well received by the public and the infosec community. Even the team behind the malware recognized the authority of the study, remarking at the time: \u201cGood job, ESET!\u201d<\/p>\n<h2><strong>A clever enemy<\/strong><\/h2>\n<p class=\"wls-paragraph\">The malicious team behind Windigo are not amateurs. For example,&nbsp;the operation \u2013 which exploits backdoors \u2013 uses a modified version of OpenSSH, an \u201copen source alternative to proprietary Secure Shell Software (SSH)\u201d.<\/p>\n<p class=\"wls-paragraph\">As well as infiltrating servers, the gang are also able to identify ordinary users from administrators, selecting victims based on their admin activity.<\/p>\n<p class=\"wls-paragraph\">In addition, the authors of the malware have showed considerable expertise in their efforts to evade detection with tactics including the upgrade of infected servers with new software to throw investigators off course, and creating a new version of their DNS backdoor software in June 2013 in response to the creation of detection tools released just months earlier in April 2013.<\/p>\n<h2><strong>Discovering clues<\/strong><\/h2>\n<p class=\"wls-paragraph\">As noted above, the investigation carried out by ESET revealed that Operation Windigo had, as originally identified by the Linux Foundation, been in place since at least 2011, with more than 25,000 unique servers compromised between 2012-2014, in countries including France, Italy, Russian Federation, Mexico and Canada.<\/p>\n<p class=\"wls-paragraph\">Infected servers were used by the attackers to mount extensive spam campaigns, steal credentials, redirect web traffic to advertisement networks and infect web users\u2019 computers through \u2018drive-by\u2019 downloads.<\/p>\n<p class=\"wls-paragraph\">The investigative team were also able to identify a link between \u201cdifferent malicious components such as Linux\/Cdorked, Perl\/Calfbot and Win32\/Glupteba.M,\u201d concluding that they are \u201c<a href=\"http:\/\/www.welivesecurity.com\/2014\/03\/18\/operation-windigo-tje-vivisetion-of-a-large-linux-server-side-credential-stealing-malware-campaign\/\">all operated by the same group<\/a>\u201d.<\/p>\n<h2><strong>Small but mighty<\/strong><\/h2>\n<p class=\"wls-paragraph\">When compared to other malware campaigns, Windigo may seem somewhat small-scale, with ESET\u2019s report confirming that the group were \u201ccurrently in control of more than ten thousand\u201d servers in 2014.<\/p>\n<p class=\"wls-paragraph\">However, it is important to remember that by infecting servers which are \u201cequipped with far more resources in terms of bandwidth, storage and computation power,\u201d the malware has a greater reach than if it was simply to infect personal computers.<\/p>\n<p class=\"wls-paragraph\">Indeed, according to ESET, the group are \u201cable to send more than 35,000,000 spam messages per day\u201d using this infrastructure.<\/p>\n<p class=\"wls-paragraph\">In addition, the malware was \u2013&nbsp;and is \u2013 able to infiltrate many different operating systems, including Apple OS X, OpenBSD, FreeBSD, Microsoft Windows (through Cygwin) and Linux. The malware was also discovered to have infected large organizations, including cPanel and Linux Foundation.<\/p>\n<h2><strong>Stealth methods<\/strong><\/h2>\n<p class=\"wls-paragraph\">The gang behind the operation also avoid detection by ceasing activity when they feel they are at risk of being discovered.<\/p>\n<p class=\"wls-paragraph\">It was also noted by ESET that the authors of the malware tend to focus on smaller websites, particularly porn sites, rather than more mainstream servers, due to their wide reach and lower security threshold. They also maximize server resources by running different activities in accordance with the level of access gained.<\/p>\n<p class=\"wls-paragraph\">In this way, the gang are able to wreak havoc with their malware, while staying one step ahead of information security experts and the authorities.<\/p>\n<h2><strong>Joining forces<\/strong><\/h2>\n<p class=\"wls-paragraph\">As a way to investigate and combat the attackers, ESET joined forces with several international organizations during their operation, including CERT-Bund, the Swedish National Infrastructure for Computing, and the European Organisation for Nuclear Research (CERN) to form a Working Group. Through this collaboration, the group members were able to notify those infected and assist with a clean-up.<\/p>\n<h2><strong>The beast lives on<\/strong><\/h2>\n<p class=\"wls-paragraph\">Like many malware threats, identification of the problem is not a solution in itself, and, with malware used by Operation Windigo evolving, it is imperative that administrators do all they can to avoid infiltration.<\/p>\n<p class=\"wls-paragraph\">Since publishing the report in 2014, ESET has continued in its quest to combat and protect against Linux\/Windigo malware, as well as other cybersecurity threats such as Linux\/Ebury.<\/p>\n<p class=\"wls-paragraph\">Source: <a id=\"community-tab\" class=\"publisher-nav-color\" href=\"http:\/\/www.welivesecurity.com\/2017\/03\/17\/flashback-friday-operation-windigo\/\" target=\"_blank\" rel=\"noopener noreferrer\" data-action=\"community-sidebar\" data-forum=\"welivesecurity\"><span class=\"community-name\"><strong>WeLiveSecurity<\/strong><\/span><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hunting the beast For readers familiar with mythology, the word Windigo might conjure up a vision of a fictional flesh-eating beast. In the world of cybersecurity, however, the term refers to a \u2018server consuming\u2019 malware-campaign uncovered by experts at ESET back in 2012, its name chosen due to the campaign\u2019s ability to gobble up servers<\/p>\n","protected":false},"author":5,"featured_media":1767,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[158,160],"tags":[],"class_list":["post-390","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","category-malware"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.2 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Flashback Friday: Operation Windigo - ESET Eesti Blogi<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Flashback Friday: Operation Windigo\" \/>\n<meta property=\"og:description\" content=\"Hunting the beast For readers familiar with mythology, the word Windigo might conjure up a vision of a fictional flesh-eating beast. In the world of cybersecurity, however, the term refers to a \u2018server consuming\u2019 malware-campaign uncovered by experts at ESET back in 2012, its name chosen due to the campaign\u2019s ability to gobble up servers\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/\" \/>\n<meta property=\"og:site_name\" content=\"ESET Eesti Blogi\" \/>\n<meta property=\"article:publisher\" content=\"http:\/\/www.facebook.com\/antiviirus\" \/>\n<meta property=\"article:published_time\" content=\"2017-03-21T14:55:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-05-29T12:07:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.eset.ee\/wp-content\/uploads\/2019\/04\/shutterstock_150688946-623x410.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"623\" \/>\n\t<meta property=\"og:image:height\" content=\"410\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"ESET Blog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ESET Blog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/\"},\"author\":{\"name\":\"ESET Blog\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#\\\/schema\\\/person\\\/876cf293277fc0b2ae2f4395fffe4c88\"},\"headline\":\"Flashback Friday: Operation Windigo\",\"datePublished\":\"2017-03-21T14:55:49+00:00\",\"dateModified\":\"2019-05-29T12:07:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/\"},\"wordCount\":805,\"image\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2019\\\/04\\\/shutterstock_150688946-623x410.jpg\",\"articleSection\":[\"linux\",\"malware\"],\"inLanguage\":\"en-US\",\"copyrightYear\":\"2017\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/\",\"url\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/\",\"name\":\"Flashback Friday: Operation Windigo - ESET Eesti Blogi\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2019\\\/04\\\/shutterstock_150688946-623x410.jpg\",\"datePublished\":\"2017-03-21T14:55:49+00:00\",\"dateModified\":\"2019-05-29T12:07:31+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#\\\/schema\\\/person\\\/876cf293277fc0b2ae2f4395fffe4c88\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/#primaryimage\",\"url\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2019\\\/04\\\/shutterstock_150688946-623x410.jpg\",\"contentUrl\":\"https:\\\/\\\/blog.eset.ee\\\/wp-content\\\/uploads\\\/2019\\\/04\\\/shutterstock_150688946-623x410.jpg\",\"width\":623,\"height\":410},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Flashback Friday: Operation Windigo\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/\",\"name\":\"ESET Eesti Blogi\",\"description\":\"Uudised IT maailmast\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/#\\\/schema\\\/person\\\/876cf293277fc0b2ae2f4395fffe4c88\",\"name\":\"ESET Blog\",\"sameAs\":[\"http:\\\/\\\/eset.ee\"],\"url\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/author\\\/allankinsigo\\\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blog.eset.ee\\\/et\\\/en\\\/2017\\\/03\\\/21\\\/flashback-friday-operation-windigo\\\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"ESET EESTI\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Flashback Friday: Operation Windigo - ESET Eesti Blogi","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/","og_locale":"en_US","og_type":"article","og_title":"Flashback Friday: Operation Windigo","og_description":"Hunting the beast For readers familiar with mythology, the word Windigo might conjure up a vision of a fictional flesh-eating beast. In the world of cybersecurity, however, the term refers to a \u2018server consuming\u2019 malware-campaign uncovered by experts at ESET back in 2012, its name chosen due to the campaign\u2019s ability to gobble up servers","og_url":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/","og_site_name":"ESET Eesti Blogi","article_publisher":"http:\/\/www.facebook.com\/antiviirus","article_published_time":"2017-03-21T14:55:49+00:00","article_modified_time":"2019-05-29T12:07:31+00:00","og_image":[{"width":623,"height":410,"url":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2019\/04\/shutterstock_150688946-623x410.jpg","type":"image\/jpeg"}],"author":"ESET Blog","twitter_card":"summary_large_image","twitter_misc":{"Written by":"ESET Blog","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/#article","isPartOf":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/"},"author":{"name":"ESET Blog","@id":"https:\/\/blog.eset.ee\/et\/en\/#\/schema\/person\/876cf293277fc0b2ae2f4395fffe4c88"},"headline":"Flashback Friday: Operation Windigo","datePublished":"2017-03-21T14:55:49+00:00","dateModified":"2019-05-29T12:07:31+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/"},"wordCount":805,"image":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2019\/04\/shutterstock_150688946-623x410.jpg","articleSection":["linux","malware"],"inLanguage":"en-US","copyrightYear":"2017","copyrightHolder":{"@id":"https:\/\/blog.eset.ee\/et\/#organization"}},{"@type":"WebPage","@id":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/","url":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/","name":"Flashback Friday: Operation Windigo - ESET Eesti Blogi","isPartOf":{"@id":"https:\/\/blog.eset.ee\/et\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/#primaryimage"},"image":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2019\/04\/shutterstock_150688946-623x410.jpg","datePublished":"2017-03-21T14:55:49+00:00","dateModified":"2019-05-29T12:07:31+00:00","author":{"@id":"https:\/\/blog.eset.ee\/et\/en\/#\/schema\/person\/876cf293277fc0b2ae2f4395fffe4c88"},"breadcrumb":{"@id":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/#primaryimage","url":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2019\/04\/shutterstock_150688946-623x410.jpg","contentUrl":"https:\/\/blog.eset.ee\/wp-content\/uploads\/2019\/04\/shutterstock_150688946-623x410.jpg","width":623,"height":410},{"@type":"BreadcrumbList","@id":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.eset.ee\/et\/en\/"},{"@type":"ListItem","position":2,"name":"Flashback Friday: Operation Windigo"}]},{"@type":"WebSite","@id":"https:\/\/blog.eset.ee\/et\/en\/#website","url":"https:\/\/blog.eset.ee\/et\/en\/","name":"ESET Eesti Blogi","description":"Uudised IT maailmast","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.eset.ee\/et\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.eset.ee\/et\/en\/#\/schema\/person\/876cf293277fc0b2ae2f4395fffe4c88","name":"ESET Blog","sameAs":["http:\/\/eset.ee"],"url":"https:\/\/blog.eset.ee\/et\/en\/author\/allankinsigo\/"},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.eset.ee\/et\/en\/2017\/03\/21\/flashback-friday-operation-windigo\/#local-main-organization-logo","url":"","contentUrl":"","caption":"ESET EESTI"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/390","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/comments?post=390"}],"version-history":[{"count":0,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/390\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media\/1767"}],"wp:attachment":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media?parent=390"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/categories?post=390"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/tags?post=390"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}