{"id":27347,"date":"2013-07-10T14:33:21","date_gmt":"2013-07-10T21:33:21","guid":{"rendered":"http:\/\/blogs.mcafee.com\/?p=27347"},"modified":"2025-08-08T05:07:22","modified_gmt":"2025-08-08T12:07:22","slug":"what-master-key-android-signature-bypass-vulnerability","status":"publish","type":"post","link":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/","title":{"rendered":"What Master Key? &#8211; Android Signature Bypass Vulnerability"},"content":{"rendered":"<p>Recently, a vulnerability in Android package signature verification was announced by Jeff Forristal, CTO of Bluebox Security. Jeff plans on revealing details at the upcoming BlackHat Briefings at the end of this month. Though he has not released any details on his findings beyond the initial <a href=\"http:\/\/bluebox.com\/corporate-blog\/bluebox-uncovers-android-master-key\/\">blog post<\/a> more information is becoming available on how to protect yourself from this vulnerability.<\/p>\n<h2><i>What is a package signature?<\/i><\/h2>\n<p>Apps and Android OS updates are distributed in packages called APKs. APKs can come from the Google Play store, app stores, web sites, or directly from a PC over USB. Every app installed on an Android device must be cryptographically signed by the developer or distributor\u2014this is the package signature. This is supposed to guarantee that the package has not been altered from the original. In addition, some signatures are special. Packages signed by the OEM may be given special privileges on the device. For example, an app signed by the OEM may be granted the ability to silently install other packages without involving the user. However, no normally installed app should be allowed to do this.<\/p>\n<p>When an app or system update is installed Android verifies the package signature by checking every file in the APK against the signature to make sure that no one has altered it. Unfortunately, due to the Android Signature Bypass vulnerability, it is possible for someone to insert their own potentially malicious files into the package without Android detecting the modification.<\/p>\n<h2><i>The Attack<\/i><\/h2>\n<p>Using this vulnerability an attacker could modify an existing system update and users installing this update or app would unknowingly be installing executables from the attacker. \u00a0This would give the attacker full control of the device. Once installed, the attacker could intercept phone calls, send and receive SMS messages, download or upload data or even completely erase the device.<\/p>\n<p>Fortunately, Google has been aware of this vulnerability since March and has taken two critical actions. The first, and most effective, was to make sure that there are no apps in Google Play that exploit this vulnerability. We can assume, too, that any new apps are also being checked. The second was to contact all of the Android OEMs to provide them with a patch that disallows duplicate files in APKs.<\/p>\n<h2><i>What can you do?<\/i><\/h2>\n<ol>\n<li>Install updates &#8211; As with any vulnerability the most important thing to do is to install any and all security updates available for your device. Google notified OEMs in March and provided them with a patch for this issue. Unfortunately, there is often a significant delay between Google providing a patch and updates being available on your device. This is due both to the needs for the OEM to integrate and test the patch on all of their supported devices but also, in the case of phones, for the carrier to do the same.<\/li>\n<li>Use security software &#8211; Second is to install and use security software capable of inspecting apps on your device. McAfee Mobile Security, as an example, scans every app and every file on your device for viruses and malware. It will thoroughly check both the APK and the contents of the APK. This means that even if malicious files are added to a good APK MMS will still detect them. McAfee\u2019s latest DAT update will detect any APK using this \u201cMaster Key\u201d technique as suspicious using the name \u201cExploit\/MasterKey.A\u201d.<\/li>\n<li>Avoid untrusted app stores &#8211; Finally, you should know and trust your sources of apps. Google has stated that Play is free of apps exploiting this vulnerability. However, Play is not the only source of apps. Don\u2019t install anything that is attached in an e-mail, from an app store, or from the web without first verifying with the sender that they really sent it and have scanned it with security software.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Recently, a vulnerability in Android package signature verification was announced by Jeff Forristal, CTO of Bluebox Security. Jeff plans on&#8230;<\/p>\n","protected":false},"author":674,"featured_media":131500,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1838],"tags":[37,214],"coauthors":[3973],"class_list":["post-27347","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-mobile-security","tag-android","tag-mobile-security1"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>What Master Key? - Android Signature Bypass Vulnerability | McAfee Blog<\/title>\n<meta name=\"description\" content=\"Recently, a vulnerability in Android package signature verification was announced by Jeff Forristal, CTO of Bluebox Security. Jeff plans on revealing\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What Master Key? - Android Signature Bypass Vulnerability | McAfee Blog\" \/>\n<meta property=\"og:description\" content=\"Recently, a vulnerability in Android package signature verification was announced by Jeff Forristal, CTO of Bluebox Security. Jeff plans on revealing\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/\" \/>\n<meta property=\"og:site_name\" content=\"McAfee Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/McAfee\/\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/McAfee\/\" \/>\n<meta property=\"article:published_time\" content=\"2013-07-10T21:33:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-08-08T12:07:22+00:00\" \/>\n<meta name=\"author\" content=\"McAfee\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@McAfee\" \/>\n<meta name=\"twitter:site\" content=\"@McAfee\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"McAfee\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/\"},\"author\":{\"name\":\"McAfee\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/47851fdb92fad9456152405839c92efa\"},\"headline\":\"What Master Key? &#8211; Android Signature Bypass Vulnerability\",\"datePublished\":\"2013-07-10T21:33:21+00:00\",\"dateModified\":\"2025-08-08T12:07:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/\"},\"wordCount\":645,\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/11\/Phone-lock-1-1.jpeg\",\"keywords\":[\"android\",\"mobile security\"],\"articleSection\":[\"Mobile Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/\",\"name\":\"What Master Key? - Android Signature Bypass Vulnerability | McAfee Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/11\/Phone-lock-1-1.jpeg\",\"datePublished\":\"2013-07-10T21:33:21+00:00\",\"dateModified\":\"2025-08-08T12:07:22+00:00\",\"description\":\"Recently, a vulnerability in Android package signature verification was announced by Jeff Forristal, CTO of Bluebox Security. Jeff plans on revealing\",\"breadcrumb\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#primaryimage\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/11\/Phone-lock-1-1.jpeg\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/11\/Phone-lock-1-1.jpeg\",\"width\":600,\"height\":393,\"caption\":\"Men dress up lifestyle hold smartphone screen shows the key in the Security online world. the display and technology advances in communications. The concept of advancement in living in the future.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mobile Security\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/mobile-security\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"What Master Key? &#8211; Android Signature Bypass Vulnerability\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"name\":\"McAfee Blog\",\"description\":\"Internet Security News\",\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\",\"name\":\"McAfee\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"width\":1286,\"height\":336,\"caption\":\"McAfee\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/McAfee\/\",\"https:\/\/x.com\/McAfee\",\"https:\/\/www.linkedin.com\/company\/mcafee\/\",\"https:\/\/www.youtube.com\/McAfee\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/47851fdb92fad9456152405839c92efa\",\"name\":\"McAfee\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/1ffadfeeda1f4f9e7891a81f27a9ecf4\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2020\/08\/Original-Logo-96x96.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2020\/08\/Original-Logo-96x96.png\",\"caption\":\"McAfee\"},\"description\":\"We're here to make life online safe and enjoyable for everyone.\",\"sameAs\":[\"https:\/\/www.facebook.com\/McAfee\/\",\"https:\/\/www.linkedin.com\/company\/mcafee\/\",\"https:\/\/x.com\/McAfee\"],\"url\":\"https:\/\/www.mcafee.com\/blogs\/author\/mcafee\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What Master Key? - Android Signature Bypass Vulnerability | McAfee Blog","description":"Recently, a vulnerability in Android package signature verification was announced by Jeff Forristal, CTO of Bluebox Security. Jeff plans on revealing","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"What Master Key? - Android Signature Bypass Vulnerability | McAfee Blog","og_description":"Recently, a vulnerability in Android package signature verification was announced by Jeff Forristal, CTO of Bluebox Security. Jeff plans on revealing","og_url":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/","og_site_name":"McAfee Blog","article_publisher":"https:\/\/www.facebook.com\/McAfee\/","article_author":"https:\/\/www.facebook.com\/McAfee\/","article_published_time":"2013-07-10T21:33:21+00:00","article_modified_time":"2025-08-08T12:07:22+00:00","author":"McAfee","twitter_card":"summary_large_image","twitter_creator":"@McAfee","twitter_site":"@McAfee","twitter_misc":{"Written by":"McAfee","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#article","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/"},"author":{"name":"McAfee","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/47851fdb92fad9456152405839c92efa"},"headline":"What Master Key? &#8211; Android Signature Bypass Vulnerability","datePublished":"2013-07-10T21:33:21+00:00","dateModified":"2025-08-08T12:07:22+00:00","mainEntityOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/"},"wordCount":645,"publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/11\/Phone-lock-1-1.jpeg","keywords":["android","mobile security"],"articleSection":["Mobile Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/","url":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/","name":"What Master Key? - Android Signature Bypass Vulnerability | McAfee Blog","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#primaryimage"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/11\/Phone-lock-1-1.jpeg","datePublished":"2013-07-10T21:33:21+00:00","dateModified":"2025-08-08T12:07:22+00:00","description":"Recently, a vulnerability in Android package signature verification was announced by Jeff Forristal, CTO of Bluebox Security. Jeff plans on revealing","breadcrumb":{"@id":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#primaryimage","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/11\/Phone-lock-1-1.jpeg","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/11\/Phone-lock-1-1.jpeg","width":600,"height":393,"caption":"Men dress up lifestyle hold smartphone screen shows the key in the Security online world. the display and technology advances in communications. The concept of advancement in living in the future."},{"@type":"BreadcrumbList","@id":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/what-master-key-android-signature-bypass-vulnerability\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/www.mcafee.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"Mobile Security","item":"https:\/\/www.mcafee.com\/blogs\/mobile-security\/"},{"@type":"ListItem","position":3,"name":"What Master Key? &#8211; Android Signature Bypass Vulnerability"}]},{"@type":"WebSite","@id":"https:\/\/www.mcafee.com\/blogs\/#website","url":"https:\/\/www.mcafee.com\/blogs\/","name":"McAfee Blog","description":"Internet Security News","publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.mcafee.com\/blogs\/#organization","name":"McAfee","url":"https:\/\/www.mcafee.com\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","width":1286,"height":336,"caption":"McAfee"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/McAfee\/","https:\/\/x.com\/McAfee","https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/www.youtube.com\/McAfee"]},{"@type":"Person","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/47851fdb92fad9456152405839c92efa","name":"McAfee","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/1ffadfeeda1f4f9e7891a81f27a9ecf4","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2020\/08\/Original-Logo-96x96.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2020\/08\/Original-Logo-96x96.png","caption":"McAfee"},"description":"We're here to make life online safe and enjoyable for everyone.","sameAs":["https:\/\/www.facebook.com\/McAfee\/","https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/x.com\/McAfee"],"url":"https:\/\/www.mcafee.com\/blogs\/author\/mcafee\/"}]}},"_links":{"self":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/27347","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/users\/674"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/comments?post=27347"}],"version-history":[{"count":3,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/27347\/revisions"}],"predecessor-version":[{"id":218184,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/27347\/revisions\/218184"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media\/131500"}],"wp:attachment":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media?parent=27347"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/categories?post=27347"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/tags?post=27347"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/coauthors?post=27347"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}