{"id":72985,"date":"2017-05-02T21:00:46","date_gmt":"2017-05-03T04:00:46","guid":{"rendered":"https:\/\/securingtomorrow.mcafee.com\/?p=72985"},"modified":"2025-05-28T23:08:56","modified_gmt":"2025-05-29T06:08:56","slug":"cerber-ransomware-evades-detection-with-many-components","status":"publish","type":"post","link":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/","title":{"rendered":"Cerber Ransomware Evades Detection With Many Components"},"content":{"rendered":"<p><em>This blog was co-written by Sapna Juneja.<\/em><\/p>\n<p>Cerber is a quickly evolving type of malware called crypto-ransomware. Cerber encrypts files on an infected computer and demands a ransom to restore them. (Read more about Cerber in <a href=\"https:\/\/securingtomorrow.mcafee.com\/mcafee-labs\/cerber-ransomware-updates-configuration-file\/\">this post<\/a>.)<\/p>\n<p>Cerber ransomware first appeared in early 2016 and remains hard to detect. It uses multicomponent behavior (installing several malicious files on the victim\u2019s machine) that shows similarities to families such as Gamarue. Recent variants have added a loader component that appears to be designed to evade detection.<\/p>\n<p><a href=\"https:\/\/securingtomorrow.mcafee.com\/mcafee-labs\/unfolding-the-mystery-of-cerber-ransomwares-random-file-extension\/\">Cerber<\/a> infects systems via social media tricks such as spam email with malicious links or documents, malvertising campaigns, and exploits of vulnerable websites, and it takes advantage of exploit kits such as Angler, Nuclear, and others. 
Recently we have seen it delivered in self-extracting (SFX) archives.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-72986 aligncenter\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/infection_chain_cerber-300x180.png\" alt=\"\" width=\"442\" height=\"265\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/infection_chain_cerber-300x180.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/infection_chain_cerber-768x461.png 768w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/infection_chain_cerber-832x500.png 832w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/infection_chain_cerber.png 952w\" sizes=\"auto, (max-width: 442px) 100vw, 442px\" \/><\/p>\n<h2><em>Cerber&#8217;s infection path.<\/em><\/h2>\n<p>The SFX archive contains three files: a VBS script, a DLL, and an X component. The SFX file runs the VBS script using wscript.exe. The script executes a DLL-export function through rundll32.exe, which in turn decrypts and executes the encrypted X component. 
The last component checks for signs of a reverse-engineering environment and injects the loader component into either Regasm.exe, Csc.exe or WerFault.exe.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-72989 alignleft\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/Cerber_Component-300x34.png\" alt=\"\" width=\"521\" height=\"59\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_Component-300x34.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_Component.png 602w\" sizes=\"auto, (max-width: 521px) 100vw, 521px\" \/><\/p>\n<p>The opening script, N3W7MN.VBS, has the following command:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-72988 aligncenter\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/Cerber_Vbs-300x31.png\" alt=\"\" width=\"619\" height=\"64\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_Vbs-300x31.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_Vbs.png 494w\" sizes=\"auto, (max-width: 619px) 100vw, 619px\" \/><\/p>\n<p>The X component is fully encrypted and looks like this:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-72991 aligncenter\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/Cerber_encryptedX-300x221.png\" alt=\"\" width=\"472\" height=\"348\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_encryptedX-300x221.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_encryptedX-679x500.png 679w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_encryptedX.png 706w\" sizes=\"auto, (max-width: 472px) 100vw, 472px\" \/><\/p>\n<p>This DLL loads the first encrypted part (see next image) of the X component into memory; a second part looks for anti-reversing techniques. 
The first encrypted component:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-72990 aligncenter\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/Cerber_1stEncryptedPart-300x17.png\" alt=\"\" width=\"635\" height=\"36\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_1stEncryptedPart-300x17.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_1stEncryptedPart.png 527w\" sizes=\"auto, (max-width: 635px) 100vw, 635px\" \/><\/p>\n<p>This component does the following:<\/p>\n<ul>\n<li>Checks for antimalware engines.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-72992 aligncenter\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/Cerber_BypassinAV-300x137.png\" alt=\"\" width=\"534\" height=\"244\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_BypassinAV-300x137.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_BypassinAV-768x351.png 768w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_BypassinAV-1024x468.png 1024w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_BypassinAV.png 1025w\" sizes=\"auto, (max-width: 534px) 100vw, 534px\" \/><\/p>\n<ul>\n<li>Checks whether Wireshark, a virtual machine, or VBox is running.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-72993 aligncenter\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/Cerber_AntiwireShark.bmp\" alt=\"\" width=\"663\" height=\"70\" \/><\/p>\n<ul>\n<li>Adds the content of the VBS file into a run entry and runs one time.<\/li>\n<li>The malware uses run entries to add the VBS script into the startup sequence so that the malicious VBS script executes at every reboot.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-72994 aligncenter\" 
src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/Cerber_ShellExecute-300x27.png\" alt=\"\" width=\"589\" height=\"53\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_ShellExecute-300x27.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_ShellExecute.png 628w\" sizes=\"auto, (max-width: 589px) 100vw, 589px\" \/><\/p>\n<ul>\n<li>Adds an entry to the task scheduler to reside on the system for a long time. Tasks are by default stored in %WinDir%\\Tasks or %WinDir%\\System32\\Tasks.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-72995 aligncenter\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/Cerber_Scheduletask-300x176.png\" alt=\"\" width=\"559\" height=\"328\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_Scheduletask-300x176.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_Scheduletask.png 445w\" sizes=\"auto, (max-width: 559px) 100vw, 559px\" \/><\/p>\n<ul>\n<li>Decrypts the second component (see next image) from the X component and injects it into Regasm.exe or WerFault.exe to hide itself.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-72998 aligncenter\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/Cerber_2ndEcryptedComponent-300x17.png\" alt=\"\" width=\"547\" height=\"31\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_2ndEcryptedComponent-300x17.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_2ndEcryptedComponent.png 534w\" sizes=\"auto, (max-width: 547px) 100vw, 547px\" \/><\/p>\n<p>The decrypted second component checks for the .Net framework. If found, the malware checks the available version and injects code into it. If .Net is not found, it injects code into WerFault.exe. 
In this way, Cerber is effective against 32-bit and 64-bit machines:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-73000 aligncenter\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/Cerber_injected-300x235.png\" alt=\"\" width=\"480\" height=\"376\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_injected-300x235.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_injected-768x602.png 768w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_injected-638x500.png 638w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_injected.png 841w\" sizes=\"auto, (max-width: 480px) 100vw, 480px\" \/><\/p>\n<p>The injected component has some interesting methods to bypass user account control (UAC), a feature that prevents unauthorized changes to a computer. Via notification, UAC ensures that these changes are made only with the permission of the administrator. If a standard user account is in the local admin group, then damage is limited. Installing services, writing to secure locations, etc. are denied. To make these changes, users would need to interact with the desktop, such as by right-clicking and choosing Run as administrator or accepting the UAC elevation prompt. 
There are a number of ways to bypass UAC; one of them follows:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-72997 aligncenter\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/Cerber_bypassuaccode-300x80.png\" alt=\"\" width=\"506\" height=\"135\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_bypassuaccode-300x80.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_bypassuaccode.png 511w\" sizes=\"auto, (max-width: 506px) 100vw, 506px\" \/><\/p>\n<p>In the preceding code the value of \u201cpszname\u201d is \u201celevation:Administrator!new:{guid}\u201d.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-72999 aligncenter\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/Cerber_bypassuac-300x20.png\" alt=\"\" width=\"510\" height=\"34\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_bypassuac-300x20.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/Cerber_bypassuac.png 690w\" sizes=\"auto, (max-width: 510px) 100vw, 510px\" \/><\/p>\n<h2><strong>Summary<\/strong><\/h2>\n<p>Cerber uses several key techniques:<\/p>\n<ul>\n<li>Uses multiple components to perform its tasks.<\/li>\n<li>Uses several anti-debugging and anti-emulation techniques.<\/li>\n<li>Bypasses UAC to gain elevated access.<\/li>\n<\/ul>\n<p>Cerber uses these techniques to try to evade machine learning defenses. Defenders cannot rely on static machine learning; the security industry must adapt with dynamic machine learning or consider multiple technologies to proactively protect systems.<\/p>\n<p>McAfee advises users to always keep their antimalware signatures up to date. 
McAfee products detect all versions of this malware as Ransom-Cerber!, with DAT Versions 8489 and later.<\/p>\n<p>Hashes used in this analysis:<\/p>\n<ul>\n<li>352f1ac1407a551e42c270a8d381ed7c2d74718356cee3c2206bb4836ea6349f: SFX<\/li>\n<li>4d66976a9c20c859d44ea0df2d3325d35ed4556d83d5251384dbd4b790537d11: DLL<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>This blog was co-written by Sapna Juneja. Cerber is a quickly evolving type of malware called crypto-ransomware. Cerber encrypts files&#8230;<\/p>\n","protected":false},"author":674,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[442],"tags":[76,338,180,4549],"coauthors":[3973],"class_list":["post-72985","post","type-post","status-publish","format-standard","hentry","category-mcafee-labs","tag-cybercrime","tag-endpoint-protection","tag-malware","tag-ransomware"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cerber Ransomware Evades Detection With Many Components | McAfee Blog<\/title>\n<meta name=\"description\" content=\"This blog was co-written by Sapna Juneja. Cerber is a quickly evolving type of malware called crypto-ransomware. Cerber encrypts files on an infected\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cerber Ransomware Evades Detection With Many Components | McAfee Blog\" \/>\n<meta property=\"og:description\" content=\"This blog was co-written by Sapna Juneja. Cerber is a quickly evolving type of malware called crypto-ransomware. 
Cerber encrypts files on an infected\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/\" \/>\n<meta property=\"og:site_name\" content=\"McAfee Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/McAfee\/\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/McAfee\/\" \/>\n<meta property=\"article:published_time\" content=\"2017-05-03T04:00:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-05-29T06:08:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/infection_chain_cerber.png\" \/>\n\t<meta property=\"og:image:width\" content=\"952\" \/>\n\t<meta property=\"og:image:height\" content=\"572\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"McAfee\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@McAfee\" \/>\n<meta name=\"twitter:site\" content=\"@McAfee\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"McAfee\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/\"},\"author\":{\"name\":\"McAfee\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/47851fdb92fad9456152405839c92efa\"},\"headline\":\"Cerber Ransomware Evades Detection With Many Components\",\"datePublished\":\"2017-05-03T04:00:46+00:00\",\"dateModified\":\"2025-05-29T06:08:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/\"},\"wordCount\":637,\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/infection_chain_cerber-300x180.png\",\"keywords\":[\"cybercrime\",\"endpoint protection\",\"malware\",\"ransomware\"],\"articleSection\":[\"McAfee Labs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/\",\"name\":\"Cerber Ransomware Evades Detection With Many Components | McAfee 
Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/infection_chain_cerber-300x180.png\",\"datePublished\":\"2017-05-03T04:00:46+00:00\",\"dateModified\":\"2025-05-29T06:08:56+00:00\",\"description\":\"This blog was co-written by Sapna Juneja. Cerber is a quickly evolving type of malware called crypto-ransomware. Cerber encrypts files on an infected\",\"breadcrumb\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#primaryimage\",\"url\":\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/infection_chain_cerber-300x180.png\",\"contentUrl\":\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/infection_chain_cerber-300x180.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Other 
Blogs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"McAfee Labs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Cerber Ransomware Evades Detection With Many Components\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"name\":\"McAfee Blog\",\"description\":\"Internet Security News\",\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\",\"name\":\"McAfee\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"width\":1286,\"height\":336,\"caption\":\"McAfee\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/McAfee\/\",\"https:\/\/x.com\/McAfee\",\"https:\/\/www.linkedin.com\/company\/mcafee\/\",\"https:\/\/www.youtube.com\/McAfee\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/47851fdb92fad9456152405839c92efa\",\"name\":\"McAfee\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/1ffadfeeda1f4f9e7891a81f27a9ecf4\",\"url\":\"https:\/
\/www.mcafee.com\/blogs\/wp-content\/uploads\/2020\/08\/Original-Logo-96x96.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2020\/08\/Original-Logo-96x96.png\",\"caption\":\"McAfee\"},\"description\":\"We're here to make life online safe and enjoyable for everyone.\",\"sameAs\":[\"https:\/\/www.facebook.com\/McAfee\/\",\"https:\/\/www.linkedin.com\/company\/mcafee\/\",\"https:\/\/x.com\/McAfee\"],\"url\":\"https:\/\/www.mcafee.com\/blogs\/author\/mcafee\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cerber Ransomware Evades Detection With Many Components | McAfee Blog","description":"This blog was co-written by Sapna Juneja. Cerber is a quickly evolving type of malware called crypto-ransomware. Cerber encrypts files on an infected","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Cerber Ransomware Evades Detection With Many Components | McAfee Blog","og_description":"This blog was co-written by Sapna Juneja. Cerber is a quickly evolving type of malware called crypto-ransomware. Cerber encrypts files on an infected","og_url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/","og_site_name":"McAfee Blog","article_publisher":"https:\/\/www.facebook.com\/McAfee\/","article_author":"https:\/\/www.facebook.com\/McAfee\/","article_published_time":"2017-05-03T04:00:46+00:00","article_modified_time":"2025-05-29T06:08:56+00:00","og_image":[{"width":952,"height":572,"url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2017\/04\/infection_chain_cerber.png","type":"image\/png"}],"author":"McAfee","twitter_card":"summary_large_image","twitter_creator":"@McAfee","twitter_site":"@McAfee","twitter_misc":{"Written by":"McAfee","Est. 
reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#article","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/"},"author":{"name":"McAfee","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/47851fdb92fad9456152405839c92efa"},"headline":"Cerber Ransomware Evades Detection With Many Components","datePublished":"2017-05-03T04:00:46+00:00","dateModified":"2025-05-29T06:08:56+00:00","mainEntityOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/"},"wordCount":637,"publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#primaryimage"},"thumbnailUrl":"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/infection_chain_cerber-300x180.png","keywords":["cybercrime","endpoint protection","malware","ransomware"],"articleSection":["McAfee Labs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/","url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/","name":"Cerber Ransomware Evades Detection With Many Components | McAfee 
Blog","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#primaryimage"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#primaryimage"},"thumbnailUrl":"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/infection_chain_cerber-300x180.png","datePublished":"2017-05-03T04:00:46+00:00","dateModified":"2025-05-29T06:08:56+00:00","description":"This blog was co-written by Sapna Juneja. Cerber is a quickly evolving type of malware called crypto-ransomware. Cerber encrypts files on an infected","breadcrumb":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#primaryimage","url":"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/infection_chain_cerber-300x180.png","contentUrl":"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2017\/04\/infection_chain_cerber-300x180.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cerber-ransomware-evades-detection-with-many-components\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/www.mcafee.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"Other Blogs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/"},{"@type":"ListItem","position":3,"name":"McAfee 
Labs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/"},{"@type":"ListItem","position":4,"name":"Cerber Ransomware Evades Detection With Many Components"}]},{"@type":"WebSite","@id":"https:\/\/www.mcafee.com\/blogs\/#website","url":"https:\/\/www.mcafee.com\/blogs\/","name":"McAfee Blog","description":"Internet Security News","publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.mcafee.com\/blogs\/#organization","name":"McAfee","url":"https:\/\/www.mcafee.com\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","width":1286,"height":336,"caption":"McAfee"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/McAfee\/","https:\/\/x.com\/McAfee","https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/www.youtube.com\/McAfee"]},{"@type":"Person","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/47851fdb92fad9456152405839c92efa","name":"McAfee","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/1ffadfeeda1f4f9e7891a81f27a9ecf4","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2020\/08\/Original-Logo-96x96.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2020\/08\/Original-Logo-96x96.png","caption":"McAfee"},"description":"We're here to make life online safe and enjoyable for 
everyone.","sameAs":["https:\/\/www.facebook.com\/McAfee\/","https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/x.com\/McAfee"],"url":"https:\/\/www.mcafee.com\/blogs\/author\/mcafee\/"}]}},"_links":{"self":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/72985","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/users\/674"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/comments?post=72985"}],"version-history":[{"count":2,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/72985\/revisions"}],"predecessor-version":[{"id":214670,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/72985\/revisions\/214670"}],"wp:attachment":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media?parent=72985"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/categories?post=72985"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/tags?post=72985"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/coauthors?post=72985"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}