{"id":5288,"date":"2020-06-17T14:09:34","date_gmt":"2020-06-17T21:09:34","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=5288"},"modified":"2024-04-26T13:21:23","modified_gmt":"2024-04-26T20:21:23","slug":"new-ransomware-avaddon","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/","title":{"rendered":"New Ransomware: Avaddon"},"content":{"rendered":"<p>Author:\u00a0 James Barnett<\/p>\n<p>TLP: White<\/p>\n<p>On 9 June, Infoblox detected a malicious spam (malspam) campaign delivering a new \u201cRansomware-as-a-Service\u201d (RaaS) malware known as Avaddon. It uses an affiliate revenue system where threat actors can sign up as affiliates and start using the ransomware for no initial fee, but in exchange they must give the author a percentage of their profits.<sup>1<\/sup> This makes Avaddon an attractive choice for threat actors who want a no-risk trial for the new malware. Because Avaddon is freely available, its distribution methods may vary significantly depending on the threat actor deploying it.<\/p>\n<p>The Avaddon campaign we observed used a lure referencing an attached photo to entice users to open a malicious ZIP file with a misleading triple file extension.<\/p>\n<p>The subject lines of the emails in this campaign included phrases such as \u201cIs this your photo?\u201d and \u201cLook at this photo!\u201d The body text was a single winking emoticon\u00a0 \ud83d\ude09\u00a0 \u00a0similar to a Nemty ransomware campaign we reported on earlier this year.<sup>2<\/sup><\/p>\n<p>The attached ZIP files used names with the pattern <em>IMG&lt;6 random digits&gt;<\/em> and a <em>.jpg.js.zip<\/em> file extension. These ZIP files contained JavaScript files with identical names and a <em>.jpg.js<\/em> file extension, e.g. <em>IMG182198.jpg.js<\/em>. These double file extensions will make the file appear to be a JPG to victims who have not disabled the default Windows setting for hiding known file extensions.<\/p>\n<p>Infoblox\u2019s full report on this campaign will be available soon on our <a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\">Threat Intelligence Reports<\/a> page.<\/p>\n<p><strong>Endnotes<\/strong><\/p>\n<ol>\n<li><a href=\"https:\/\/twitter.com\/china591\/status\/1270550036049346560\/photo\/1\"><u>https:\/\/twitter.com\/china591\/status\/1270550036049346560\/photo\/1<\/u><\/a><\/li>\n<li><a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence--61\"><u>https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence&#8211;61<\/u><\/a><\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Author:\u00a0 James Barnett TLP: White On 9 June, Infoblox detected a malicious spam (malspam) campaign delivering a new \u201cRansomware-as-a-Service\u201d (RaaS) malware known as Avaddon. It uses an affiliate revenue system where threat actors can sign up as affiliates and start using the ransomware for no initial fee, but in exchange they must give the author [&hellip;]<\/p>\n","protected":false},"author":397,"featured_media":2894,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[254],"tags":[32,288,40],"class_list":{"0":"post-5288","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threat-intelligence","8":"tag-malware","9":"tag-ransomware","10":"tag-threat-intelligence","11":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>New Ransomware: Avaddon<\/title>\n<meta name=\"description\" content=\"On 9 June, Infoblox detected a malicious spam (malspam) campaign delivering a new \u201cRansomware-as-a-Service\u201d (RaaS) malware known as Avaddon. It uses an affiliate revenue system where threat actors can sign up as affiliates and start using the ransomware for no initial fee, but in exchange they must give the author a percentage of their profits\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New Ransomware: Avaddon\" \/>\n<meta property=\"og:description\" content=\"On 9 June, Infoblox detected a malicious spam (malspam) campaign delivering a new \u201cRansomware-as-a-Service\u201d (RaaS) malware known as Avaddon. It uses an affiliate revenue system where threat actors can sign up as affiliates and start using the ransomware for no initial fee, but in exchange they must give the author a percentage of their profits\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-06-17T21:09:34+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-26T20:21:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Spooks-and-Spys.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"660\" \/>\n\t<meta property=\"og:image:height\" content=\"454\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Infoblox Threat Intel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Threat Intel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/new-ransomware-avaddon\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/new-ransomware-avaddon\\\/\"},\"author\":{\"name\":\"Infoblox Threat Intel\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\"},\"headline\":\"New Ransomware: Avaddon\",\"datePublished\":\"2020-06-17T21:09:34+00:00\",\"dateModified\":\"2024-04-26T20:21:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/new-ransomware-avaddon\\\/\"},\"wordCount\":267,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/new-ransomware-avaddon\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/Spooks-and-Spys.jpg\",\"keywords\":[\"Malware\",\"Ransomware\",\"Threat Intelligence\"],\"articleSection\":[\"Infoblox Threat Intel\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/new-ransomware-avaddon\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/new-ransomware-avaddon\\\/\",\"name\":\"New Ransomware: Avaddon\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/new-ransomware-avaddon\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/new-ransomware-avaddon\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/Spooks-and-Spys.jpg\",\"datePublished\":\"2020-06-17T21:09:34+00:00\",\"dateModified\":\"2024-04-26T20:21:23+00:00\",\"description\":\"On 9 June, Infoblox detected a malicious spam (malspam) campaign delivering a new \u201cRansomware-as-a-Service\u201d (RaaS) malware known as Avaddon. It uses an affiliate revenue system where threat actors can sign up as affiliates and start using the ransomware for no initial fee, but in exchange they must give the author a percentage of their profits\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/new-ransomware-avaddon\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/new-ransomware-avaddon\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/new-ransomware-avaddon\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/Spooks-and-Spys.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/Spooks-and-Spys.jpg\",\"width\":660,\"height\":454,\"caption\":\"Spook's and Spy's\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/new-ransomware-avaddon\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Infoblox Threat Intel\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"New Ransomware: Avaddon\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\",\"name\":\"Infoblox Threat Intel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"caption\":\"Infoblox Threat Intel\"},\"description\":\"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/infoblox-threat-intel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"New Ransomware: Avaddon","description":"On 9 June, Infoblox detected a malicious spam (malspam) campaign delivering a new \u201cRansomware-as-a-Service\u201d (RaaS) malware known as Avaddon. It uses an affiliate revenue system where threat actors can sign up as affiliates and start using the ransomware for no initial fee, but in exchange they must give the author a percentage of their profits","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/","og_locale":"en_US","og_type":"article","og_title":"New Ransomware: Avaddon","og_description":"On 9 June, Infoblox detected a malicious spam (malspam) campaign delivering a new \u201cRansomware-as-a-Service\u201d (RaaS) malware known as Avaddon. It uses an affiliate revenue system where threat actors can sign up as affiliates and start using the ransomware for no initial fee, but in exchange they must give the author a percentage of their profits","og_url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/","og_site_name":"Infoblox Blog","article_published_time":"2020-06-17T21:09:34+00:00","article_modified_time":"2024-04-26T20:21:23+00:00","og_image":[{"width":660,"height":454,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Spooks-and-Spys.jpg","type":"image\/jpeg"}],"author":"Infoblox Threat Intel","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Infoblox Threat Intel","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/"},"author":{"name":"Infoblox Threat Intel","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae"},"headline":"New Ransomware: Avaddon","datePublished":"2020-06-17T21:09:34+00:00","dateModified":"2024-04-26T20:21:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/"},"wordCount":267,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Spooks-and-Spys.jpg","keywords":["Malware","Ransomware","Threat Intelligence"],"articleSection":["Infoblox Threat Intel"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/","url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/","name":"New Ransomware: Avaddon","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Spooks-and-Spys.jpg","datePublished":"2020-06-17T21:09:34+00:00","dateModified":"2024-04-26T20:21:23+00:00","description":"On 9 June, Infoblox detected a malicious spam (malspam) campaign delivering a new \u201cRansomware-as-a-Service\u201d (RaaS) malware known as Avaddon. It uses an affiliate revenue system where threat actors can sign up as affiliates and start using the ransomware for no initial fee, but in exchange they must give the author a percentage of their profits","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Spooks-and-Spys.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Spooks-and-Spys.jpg","width":660,"height":454,"caption":"Spook's and Spy's"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Infoblox Threat Intel","item":"https:\/\/www.infoblox.com\/blog\/category\/threat-intelligence\/"},{"@type":"ListItem","position":3,"name":"New Ransomware: Avaddon"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae","name":"Infoblox Threat Intel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","caption":"Infoblox Threat Intel"},"description":"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.","url":"https:\/\/www.infoblox.com\/blog\/author\/infoblox-threat-intel\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5288","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/397"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=5288"}],"version-history":[{"count":2,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5288\/revisions"}],"predecessor-version":[{"id":5315,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5288\/revisions\/5315"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/2894"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=5288"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=5288"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=5288"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}