{"id":124639,"date":"2021-07-08T15:15:53","date_gmt":"2021-07-08T22:15:53","guid":{"rendered":"\/blogs\/?p=124639"},"modified":"2025-03-31T19:37:43","modified_gmt":"2025-04-01T02:37:43","slug":"hancitor-making-use-of-cookies-to-prevent-url-scraping","status":"publish","type":"post","link":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/","title":{"rendered":"Hancitor Making Use of Cookies to Prevent URL Scraping"},"content":{"rendered":"

This blog was written by Vallabh Chole & Oliver Devane<\/em><\/p>\n

Over the years, the cybersecurity industry has seen many threats get taken down, such as the Emotet takedown in January 2021<\/a>. It doesn\u2019t usually take long for another threat to attempt to fill the gap left by the takedown. Hancitor is one such threat.<\/p>\n

Like Emotet, Hancitor can send Malspams to spread itself and infect as many users as possible. Hancitor\u2019s main purpose is to distribute other malware such as FickerStealer, Pony, CobaltStrike, Cuba Ransomware and Zeppelin Ransomware. The dropped Cobalt Strike beacons can then be used to move laterally around the infected environment and also execute other malware such as ransomware.<\/p>\n

This blog will focus on a new technique used by Hancitor created to prevent crawlers from accessing malicious documents used to download and execute the Hancitor payload.<\/p>\n

The infection flow of Hancitor is shown below:<\/p>\n

A victim will receive an email with a fake DocuSign template to entice them to click a link. This link leads him to feedproxy.google.com, a service that works similar to an RSS Feed and enables site owners to publish site updates to its users.<\/p>\n

When accessing the link, the victim is redirected to the malicious site. The site will check the User-Agent of the browser and if it is a non-Windows User-Agent the victim will be redirected to google.com.<\/p>\n

If the victim is on a windows machine, the malicious site will create a cookie using JavaScript and then reload the site.<\/p>\n

The code to create the cookie is shown below:<\/p>\n

The above code will write the Timezone to value \u2018n\u2019 and the time offset to UTC in value \u2018d\u2019 and set it into cookie header for an HTTP GET Request.<\/p>\n

For example, if this code is executed on a machine with timezone set as BST the values would be:<\/p>\n

d = 60<\/p>\n

n = \u201cEurope\/London\u201d<\/p>\n

These values may be used to prevent further malicious activity or deploy a different payload depending on geo location.<\/p>\n

Upon reloading, the site will check if the cookie is present and if it is, it will present them with the malicious document.<\/p>\n

A WireShark capture of the malicious document which includes the cookie values is shown below:<\/p>\n

The document will prompt them to enable macros and, when enabled, it will download the Hancitor DLL and then load it with Rundll32.<\/p>\n

Hancitor will then communicate with its C&C and deploy further payloads. If running on a Windows domain, it will download and deploy a Cobalt Strike beacon.<\/p>\n

Hancitor will also deploy SendSafe which is a spam module, and this will be used to send out malicious spam emails to infect more victims.<\/p>\n

Conclusion<\/h2>\n

With its ability to send malicious spam emails and deploy Cobalt Strike beacons, we believe that Hancitor will be a threat closely linked to future ransomware attacks much like Emotet was. This threat also highlights the importance of constantly monitoring the threat landscape so that we can react quickly to evolving threats and protect our customers from them.<\/p>\n

IOCs, Coverage, and MITRE<\/h2>\n

IOCs<\/p>\n\n\n\n\n\n\n\n
IOC<\/strong><\/td>\nType<\/strong><\/td>\nIOC<\/strong><\/td>\nCoverage<\/strong><\/td>\nContent Version<\/strong><\/td>\n<\/tr>\n
Malicious Document<\/td>\nSHA256<\/td>\ne389a71dc450ab4077f5a23a8f798b89e4be65373d2958b0b0b517de43d06e3b<\/td>\nW97M\/Dropper.hx<\/p>\n

 <\/td>\n

4641<\/td>\n<\/tr>\n
Hancitor DLL<\/td>\nSHA256<\/td>\nc703924acdb199914cb585f5ecc6b18426b1a730f67d0f2606afbd38f8132ad6<\/p>\n

 <\/td>\n

Trojan-Hancitor.a<\/td>\n4644<\/td>\n<\/tr>\n
Domain hosting Malicious Document<\/td>\nURL<\/td>\nhttp[:]\/\/onyx-food[.]com\/coccus.php<\/td>\nRED<\/td>\nN\/A<\/td>\n<\/tr>\n
Domain hosting Malicious Document<\/p>\n

 <\/td>\n

URL<\/td>\nhttp[:]\/\/feedproxy[.]google[.]com\/~r\/ugyxcjt\/~3\/4gu1Lcmj09U\/coccus.php<\/td>\nRED<\/td>\nN\/A<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Mitre<\/p>\n\n\n\n\n\n\n\n\n\n\n\n
Technique ID<\/strong><\/td>\nTactic<\/strong><\/td>\nTechnique details<\/strong><\/td>\n<\/tr>\n
T1566.002<\/td>\nInitial Access<\/td>\nSpam mail with links<\/td>\n<\/tr>\n
T1204.001<\/td>\nExecution<\/td>\nUser\u00a0Execution by\u00a0opening link.<\/td>\n<\/tr>\n
T1204.002<\/td>\nExecution<\/td>\nExecuting downloaded\u00a0doc<\/td>\n<\/tr>\n
T1218<\/td>\nDefence\u00a0Evasion<\/td>\nSigned Binary Execution Rundll32<\/td>\n<\/tr>\n
T1055<\/td>\nDefence\u00a0Evasion<\/td>\nDownloaded binaries are injected into svchost for execution<\/td>\n<\/tr>\n
T1482<\/td>\nDiscovery<\/td>\nDomain Trust Discovery<\/td>\n<\/tr>\n
T1071<\/td>\nC&C<\/td>\nHTTP protocol for communication<\/td>\n<\/tr>\n
T1132<\/td>\nC&C<\/td>\nData is base64 encoded and\u00a0xored<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

This blog was written by Vallabh Chole & Oliver Devane Over the years, the cybersecurity industry has seen many threats…<\/p>\n","protected":false},"author":695,"featured_media":122725,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[442],"tags":[],"coauthors":[4136],"class_list":["post-124639","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-mcafee-labs"],"acf":[],"yoast_head":"\nHancitor Making Use of Cookies to Prevent URL Scraping | McAfee Blog<\/title>\n<meta name=\"description\" content=\"This blog was written by Vallabh Chole & Oliver Devane Over the years, the cybersecurity industry has seen many threats get taken down, such as the\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hancitor Making Use of Cookies to Prevent URL Scraping | McAfee Blog\" \/>\n<meta property=\"og:description\" content=\"This blog was written by Vallabh Chole & Oliver Devane Over the years, the cybersecurity industry has seen many threats get taken down, such as the\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/\" \/>\n<meta property=\"og:site_name\" content=\"McAfee Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/McAfee\/\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/McAfee\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-08T22:15:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-04-01T02:37:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/06\/AdobeStock_349881038_614x300-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"614\" \/>\n\t<meta property=\"og:image:height\" content=\"300\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"McAfee Labs\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@McAfee_Labs\" \/>\n<meta name=\"twitter:site\" content=\"@McAfee\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"McAfee Labs\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/\"},\"author\":{\"name\":\"McAfee Labs\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/86f325fa6532a017d06d6b49a2f3b1ad\"},\"headline\":\"Hancitor Making Use of Cookies to Prevent URL Scraping\",\"datePublished\":\"2021-07-08T22:15:53+00:00\",\"dateModified\":\"2025-04-01T02:37:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/\"},\"wordCount\":674,\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/06\/AdobeStock_349881038_614x300-1.jpg\",\"articleSection\":[\"McAfee Labs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/\",\"name\":\"Hancitor Making Use of Cookies to Prevent URL Scraping | McAfee Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/06\/AdobeStock_349881038_614x300-1.jpg\",\"datePublished\":\"2021-07-08T22:15:53+00:00\",\"dateModified\":\"2025-04-01T02:37:43+00:00\",\"description\":\"This blog was written by Vallabh Chole & Oliver Devane Over the years, the cybersecurity industry has seen many threats get taken down, such as the\",\"breadcrumb\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#primaryimage\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/06\/AdobeStock_349881038_614x300-1.jpg\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/06\/AdobeStock_349881038_614x300-1.jpg\",\"width\":614,\"height\":300,\"caption\":\"Consejos para protegerte de quienes intentan hackear tus correos electr\u00f3nicos\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Other Blogs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"McAfee Labs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Hancitor Making Use of Cookies to Prevent URL Scraping\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"name\":\"McAfee Blog\",\"description\":\"Internet Security News\",\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\",\"name\":\"McAfee\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"width\":1286,\"height\":336,\"caption\":\"McAfee\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/McAfee\/\",\"https:\/\/x.com\/McAfee\",\"https:\/\/www.linkedin.com\/company\/mcafee\/\",\"https:\/\/www.youtube.com\/McAfee\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/86f325fa6532a017d06d6b49a2f3b1ad\",\"name\":\"McAfee Labs\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/af947d76ffbef8521094b476cf8050c3\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/07\/Social-Media-PF-Logo-Pic-300x300-2-96x96.jpg\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/07\/Social-Media-PF-Logo-Pic-300x300-2-96x96.jpg\",\"caption\":\"McAfee Labs\"},\"description\":\"McAfee Labs is one of the leading sources for threat research, threat intelligence, and cybersecurity thought leadership. See our blog posts below for more information.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/mcafee\/\",\"https:\/\/www.facebook.com\/McAfee\/\",\"https:\/\/x.com\/McAfee_Labs\"],\"url\":\"https:\/\/www.mcafee.com\/blogs\/author\/mcafee-labs\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hancitor Making Use of Cookies to Prevent URL Scraping | McAfee Blog","description":"This blog was written by Vallabh Chole & Oliver Devane Over the years, the cybersecurity industry has seen many threats get taken down, such as the","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Hancitor Making Use of Cookies to Prevent URL Scraping | McAfee Blog","og_description":"This blog was written by Vallabh Chole & Oliver Devane Over the years, the cybersecurity industry has seen many threats get taken down, such as the","og_url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/","og_site_name":"McAfee Blog","article_publisher":"https:\/\/www.facebook.com\/McAfee\/","article_author":"https:\/\/www.facebook.com\/McAfee\/","article_published_time":"2021-07-08T22:15:53+00:00","article_modified_time":"2025-04-01T02:37:43+00:00","og_image":[{"width":614,"height":300,"url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/06\/AdobeStock_349881038_614x300-1.jpg","type":"image\/jpeg"}],"author":"McAfee Labs","twitter_card":"summary_large_image","twitter_creator":"@McAfee_Labs","twitter_site":"@McAfee","twitter_misc":{"Written by":"McAfee Labs","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#article","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/"},"author":{"name":"McAfee Labs","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/86f325fa6532a017d06d6b49a2f3b1ad"},"headline":"Hancitor Making Use of Cookies to Prevent URL Scraping","datePublished":"2021-07-08T22:15:53+00:00","dateModified":"2025-04-01T02:37:43+00:00","mainEntityOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/"},"wordCount":674,"publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/06\/AdobeStock_349881038_614x300-1.jpg","articleSection":["McAfee Labs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/","url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/","name":"Hancitor Making Use of Cookies to Prevent URL Scraping | McAfee Blog","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#primaryimage"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/06\/AdobeStock_349881038_614x300-1.jpg","datePublished":"2021-07-08T22:15:53+00:00","dateModified":"2025-04-01T02:37:43+00:00","description":"This blog was written by Vallabh Chole & Oliver Devane Over the years, the cybersecurity industry has seen many threats get taken down, such as the","breadcrumb":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#primaryimage","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/06\/AdobeStock_349881038_614x300-1.jpg","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/06\/AdobeStock_349881038_614x300-1.jpg","width":614,"height":300,"caption":"Consejos para protegerte de quienes intentan hackear tus correos electr\u00f3nicos"},{"@type":"BreadcrumbList","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/hancitor-making-use-of-cookies-to-prevent-url-scraping\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/www.mcafee.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"Other Blogs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/"},{"@type":"ListItem","position":3,"name":"McAfee Labs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/"},{"@type":"ListItem","position":4,"name":"Hancitor Making Use of Cookies to Prevent URL Scraping"}]},{"@type":"WebSite","@id":"https:\/\/www.mcafee.com\/blogs\/#website","url":"https:\/\/www.mcafee.com\/blogs\/","name":"McAfee Blog","description":"Internet Security News","publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.mcafee.com\/blogs\/#organization","name":"McAfee","url":"https:\/\/www.mcafee.com\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","width":1286,"height":336,"caption":"McAfee"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/McAfee\/","https:\/\/x.com\/McAfee","https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/www.youtube.com\/McAfee"]},{"@type":"Person","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/86f325fa6532a017d06d6b49a2f3b1ad","name":"McAfee Labs","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/af947d76ffbef8521094b476cf8050c3","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/07\/Social-Media-PF-Logo-Pic-300x300-2-96x96.jpg","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/07\/Social-Media-PF-Logo-Pic-300x300-2-96x96.jpg","caption":"McAfee Labs"},"description":"McAfee Labs is one of the leading sources for threat research, threat intelligence, and cybersecurity thought leadership. See our blog posts below for more information.","sameAs":["https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/www.facebook.com\/McAfee\/","https:\/\/x.com\/McAfee_Labs"],"url":"https:\/\/www.mcafee.com\/blogs\/author\/mcafee-labs\/"}]}},"_links":{"self":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/124639","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/users\/695"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/comments?post=124639"}],"version-history":[{"count":2,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/124639\/revisions"}],"predecessor-version":[{"id":211756,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/124639\/revisions\/211756"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media\/122725"}],"wp:attachment":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media?parent=124639"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/categories?post=124639"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/tags?post=124639"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/coauthors?post=124639"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}