{"id":151723,"date":"2021-01-11T11:00:54","date_gmt":"2021-01-11T08:00:54","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/the-trickbot-botnet-is-dead-or-is-it-cloudsavvy-it\/"},"modified":"2021-01-11T11:00:54","modified_gmt":"2021-01-11T08:00:54","slug":"the-trickbot-botnet-is-dead-or-is-it-cloudsavvy-it","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/the-trickbot-botnet-is-dead-or-is-it-cloudsavvy-it\/","title":{"rendered":"#The Trickbot Botnet is Dead \u2013 Or Is It? \u2013 CloudSavvy IT"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a27b8ef6d7d7\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a27b8ef6d7d7\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/the-trickbot-botnet-is-dead-or-is-it-cloudsavvy-it\/#Bots_and_Botnets\" >Bots and Botnets<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/the-trickbot-botnet-is-dead-or-is-it-cloudsavvy-it\/#Trickbot\" >Trickbot<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/the-trickbot-botnet-is-dead-or-is-it-cloudsavvy-it\/#Microsofts_Offensive_Against_Trickbot\" >Microsoft\u2019s Offensive Against Trickbot<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/the-trickbot-botnet-is-dead-or-is-it-cloudsavvy-it\/#How_They_Did_It\" >How They Did It<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/the-trickbot-botnet-is-dead-or-is-it-cloudsavvy-it\/#So_is_Trickbot_Dead\" >So is Trickbot Dead?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/buradabiliyorum.com\/en\/the-trickbot-botnet-is-dead-or-is-it-cloudsavvy-it\/#Things_Are_Going_to_Get_Bazar\" >Things Are Going to Get Bazar<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/buradabiliyorum.com\/en\/the-trickbot-botnet-is-dead-or-is-it-cloudsavvy-it\/#Dont_Join_The_Botnet_Army\" >Don\u2019t Join The Botnet Army<\/a><\/li><\/ul><\/nav><\/div>\n<p><strong>&#8220;#The Trickbot Botnet is Dead \u2013 Or Is It? \u2013 CloudSavvy IT&#8221;<\/strong><\/p>\n<div id=\"article-content-area\">\n<figure id=\"attachment_8935\" style=\"width: 700px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8935 size-full\" src=\"https:\/\/www.cloudsavvyit.com\/thumbcache\/0\/0\/c6ec91ccbec378818d242a1fb095a091\/p\/uploads\/2021\/01\/05c2d700.png\" alt=\"\" width=\"700\" height=\"300\" data-crediturl=\"https:\/\/www.shutterstock.com\/image-vector\/digital-binary-code-on-dark-red-1437471713\" data-credittext=\"Shutterstock\/WhataWin\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-vector\/digital-binary-code-on-dark-red-1437471713\">Shutterstock\/WhataWin<\/a><\/span><\/figcaption><\/figure>\n<p>In the run-up to the 2020 US election, Microsoft launched an offensive against a prolific botnet called Trickbot. Did they manage to kill the threat? We explain how it panned out.<\/p>\n<h2 id=\"bots-and-botnets\"><span class=\"ez-toc-section\" id=\"Bots_and_Botnets\"><\/span>Bots and Botnets<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>A\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Internet_bot#Malicious_bots\">bot<\/a>\u00a0is a computer that has been compromised and infected with\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Malware\">malware<\/a>. The malware performs some action to the benefit of the threat actor. A\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Botnet\">botnet<\/a>\u00a0is a network of bots that work in unison. The more bots there are in the botnet the more computational power it has. It forms a powerful\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Distributed_computing\">distributed platform computing<\/a>\u00a0working on behalf of the threat actors.<\/p>\n<p>Botnets can be used for tasks such as\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Cryptocurrency#Mining\">mining cryptocurrencies<\/a>, performing\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Denial-of-service_attack#Distributed_attack\">distributed denial of service<\/a>\u00a0attacks, acting as\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Spamming\">spam farms<\/a>, to harvest user credentials on a large scale, or to covertly gather information on individuals, networks, and organizations.<\/p>\n<p>The army of bots making up the bot network is controlled from a\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Command_and_control\">command and control server<\/a>\u00a0often referred to as a C2 server. The C2 server accepts information from the bots and responds by sending them commands to follow. The C2 server can also distribute new malicious payloads or plug-ins that provide new functionality for the malware.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Trickbot\"><\/span>Trickbot<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Trickbot could make a good claim for the title of the world\u2019s most infamous botnet. It started out life as a\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Trojan_horse_(computing)\">banking Trojan<\/a>\u00a0in 2016, stealing login credentials to banking and other payment platform accounts. Since then it has received continuous development and has evolved into a sophisticated malware delivery tool that is hired out to other cybercriminals and threat actor groups.<\/p>\n<p>It has infected over one million computing devices since 2016 making it a massive botnet and a powerful commodity for cybercriminals. It presents a major threat to businesses because it has been used as a distribution platform for\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Ransomware\">ransomware<\/a>\u00a0such as\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Ryuk_(ransomware)\">Ryuk<\/a>\u00a0and other big-name, large-scale ransomware operations.<\/p>\n<p>Infections usually stem from an employee falling for a fraudulent email sent to them as part of an email phishing campaign. The email carries a malicious attachment. When the user tries to open the attachment\u2014often masquerading as a PDF or Word file\u2014it <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">download<\/a>s and installs Trickbot.<\/p>\n<p>In fact, Trickbot is such a large network of compromised machines that a single C2 server is insufficient. Because of the number of bots and the amount of traffic, and partly because they wanted to build some redundancy into their infrastructure, the Trickbot group was using a staggering 69 C2 servers around the globe.<\/p>\n<p>So what would happen if the Trickbot threat actors lost access to all their C2 servers?<\/p>\n<h2 id=\"microsofts-offensive-against-trickbot\"><span class=\"ez-toc-section\" id=\"Microsofts_Offensive_Against_Trickbot\"><\/span>Microsoft\u2019s Offensive Against Trickbot<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>In October 2020, Microsoft and selected partners and hosting companies started to work together to identify and eliminate Trickbot\u2019s C2 servers.<\/p>\n<p>Microsoft\u2019s initial analysis identified\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/blogs.microsoft.com\/on-the-issues\/2020\/10\/20\/trickbot-ransomware-disruption-update\/\">69 core C2 servers<\/a>\u00a0that were crucial to Trickbot\u2019s operations. They disabled 62 of them im<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">media<\/a>tely. The other seven were not dedicated Trickbot servers, they were infected\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Internet_of_things\">Internet of Things<\/a>\u00a0(IoT) devices belonging to innocent victims.<\/p>\n<p>The IoT devices had been hijacked by Trickbot. Stopping those devices from behaving as C2 servers required a little more finesse than was used to deny the other C2 servers from having a hosting base. They had to be disinfected and returned to normal duty instead of just being brought to a shuddering halt.<\/p>\n<p>As you\u2019d expect, the Trickbot gang scrambled to get replacement servers launched and operational. They created 59 new servers. These were rapidly targetted by Microsoft and its allies and all but one of these\u2014as of 18 Oct. 2020\u2014was disabled. Including the original 69 servers, 120 out of 128 Trickbot servers have been disabled.<\/p>\n<h2 id=\"how-they-did-it\"><span class=\"ez-toc-section\" id=\"How_They_Did_It\"><\/span>How They Did It<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>In October 2020, Microsoft obtained a US court order allowing it and its partners to disable IP addresses used by the TrickBot C2 servers. They made both the servers themselves and their contents inaccessible to the Trickbot operators. Microsoft worked globally with telecommunication providers and industry partners including the\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.fsisac.com\/\">Financial Services Information Sharing and Analysis Center<\/a>\u00a0(FS-ISAC),\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.eset.com\/\">ESET<\/a>,\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.lumen.com\/en-uk\/security\/black-lotus-labs.html\">Lumen<\/a>,\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/hello.global.ntt\/en-us\/\">NTT<\/a>,\u00a0and\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/securitycloud.symantec.com\/cc\/#\/landing\">Symantec<\/a>.<\/p>\n<p>Microsoft\u2019s\u00a0Tom Burt (Corporate Vice President, Customer Security &amp; Trust)\u00a0 says Microsft can identify a new Trickbot server, figure out who the hosting provider is, straighten out the legal requirements for them to bring down the server, and then actually disable the server in less than three hours. For instances in territories where they have already closed down a C2 server, some of this can be fast-tracked because the legalities are either already in place or the process is now well understood. Their record for taking down a new C2 server is <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/blogs.microsoft.com\/on-the-issues\/2020\/10\/20\/trickbot-ransomware-disruption-update\/\">less than six minutes<\/a>.<\/p>\n<p>The Microsoft team continues to work with\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Internet_service_provider\">Internet Service Providers<\/a>\u00a0(ISPs) and national\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Computer_emergency_response_team\">Computer Emergency Response Teams<\/a>\u00a0(CERTs) to help organizations clean infected computers.<\/p>\n<h2 id=\"so-is-trickbot-dead\"><span class=\"ez-toc-section\" id=\"So_is_Trickbot_Dead\"><\/span>So is Trickbot Dead?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>It\u2019s too early to call. The infrastructure behind the malware is certainly in a poor state of health. But Trickbot has re-invented itself several times in the past. It might have done that already.\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.cybereason.com\/blog\/a-bazar-of-tricks-following-team9s-development-cycles\">Security researchers<\/a>\u00a0have detected a new type of malware backdoor and downloader that has code-level similarities to the Trickbot malware. The attribution for the new malware\u2014dubbed Bazar or BazarLoader\u2014leads straight to the Trickbot gang\u2019s door. It seems likely they were already working on a next-generation attack tool before the Microsoft offensive started.<\/p>\n<p>BazarLoader uses email phishing campaigns to initiate infections but, unlike the Trickbot phishing emails, they don\u2019t carry an attachment. Instead, they have links purporting to download or open documents in <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.google.com\/docs\/about\/\">Google Docs<\/a>. Of course, the links take the victim to fraudulent, lookalike web sites. The content of the phishing emails has been bogus information related to topics as varied as employees\u2019 payrolls and COVID-19.<\/p>\n<p>Bazar is designed to be even stealthier than Trickbot, using\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Blockchain\">blockchain<\/a>\u00a0encryption to mask C2 server domain URLs and\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Domain_Name_System\">Domain Name System<\/a>\u00a0(DNS) domains.\u00a0This new variant has already been seen distributing Ryuk ransomware, which historically has been a well-known customer of Trickbot. Perhaps the Trickbot group has transitioned one or more of their customers to their new product already?<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Things_Are_Going_to_Get_Bazar\"><\/span>Things Are Going to Get Bazar<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Because Trickbot evolved from its Trojan roots to becoming an extensible cybercrime platform for hire, adding new functionality to Trickbot can be achieved relatively easily. The threat actors write a new plug-in and download it from the C2 servers to the botnet machines. A new plug-in was detected in December 2020. There\u2019s at least some life in the old malware if it is still getting new functionality.<\/p>\n<p>The new plug-in allows Trickbot to perform a\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Unified_Extensible_Firmware_Interface\">Unified Extensible Firmware Interface<\/a>\u00a0(UEFI) bootkit attack.\u00a0The UEFI attack makes Trickbot much harder to remove from infected machines, even surviving complete hard drive swap-outs. It also allows the threat actors to brick a computer by scrambling its firmware.<\/p>\n<p>So Trickbot might be fading away, but the group behind Trickbot is ready to deploy its new malware platform, Bazar. Microsoft and their allies certainly hurt Trickbot. With Trickbot rendered almost inoperable, the Trickbot group\u2019s customers will have been bringing pressure to bear on them to deliver illegal services that they had paid for.<\/p>\n<p>And when your customers include such luminaries as North Korea\u2019s state-sponsored\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Advanced_persistent_threat\">advanced persistent threat<\/a>\u00a0group (APT)\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Lazarus_Group\">Lazarus<\/a>\u00a0you\u2019re going to need some good answers to some hard questions about your service level agreement and customer service.\u00a0This may be what led the Trickbot group to temporarily out-source some of their services to another cybercriminal group, to try to maintain some sort of operational capability.<\/p>\n<h2 id=\"dont-join-the-botnet-army\"><span class=\"ez-toc-section\" id=\"Dont_Join_The_Botnet_Army\"><\/span>Don\u2019t Join The Botnet Army<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Regardless of how sophisticated Trickbot and Bazar may be, they are only effective if they are able to infect computers to swell the ranks of their botnet army. The key to avoiding conscription is being able to spot the phishing emails, and deleting them instead of falling for them.<\/p>\n<p>Staff cyber security awareness training is key here. They receive emails all day every day. They need to be thinking defensively all the time. These points will help identify phishing emails.<\/p>\n<ul>\n<li>Be suspicious of things that are out of the ordinary. Have you ever had an email from the payroll department containing links to Google Docs before? Probably not. That should raise your suspicions straight away.<\/li>\n<li>Has the email been sent to you, or are you one of many recipients? Does it make sense that this type of email should go to a wider audience?<\/li>\n<li>The text in a hyperlink can be made to say anything, That is no guarantee the link will actually take you there. Hover your mouse pointer over any links in the body of the email. In an email application, a tooltip will appear with the actual link destination in it. If you are using a webmail client the decoded link destination will be displayed somewhere, usually at the bottom left-hand corner of the browser window. If the link destination looks at all suspicious, don\u2019t click it.<\/li>\n<li>Is the grammar in the email correct? Does the email strike the right tone and use the turn of phrase that you would expect in that type of communication? Spelling mistakes and bad grammar should be taken as warning signs.<\/li>\n<li>Do logos, footers, and other elements of corporate livery appear to be genuine? Or do they look like low-quality copies that have been grabbed from elsewhere?<\/li>\n<li>No\u00a0<em>bona fide<\/em>\u00a0organization will ever ask for passwords, account details, and other sensitive information.<\/li>\n<\/ul>\n<p>As always, prevention is better than cure.\n<\/p><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.cloudsavvyit.com\/8875\/the-trickbot-botnet-is-dead-or-is-it\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#The Trickbot Botnet is Dead \u2013 Or Is It? \u2013 CloudSavvy IT&#8221; Shutterstock\/WhataWin In the run-up to the 2020 US election, Microsoft launched an offensive against a prolific botnet called Trickbot. Did they manage to kill the threat? We explain how it panned out. Bots and Botnets A\u00a0bot\u00a0is a computer that has been compromised and&#8230;<\/p>\n","protected":false},"author":1,"featured_media":151724,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/01\/05c2d700.png","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-151723","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/151723","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=151723"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/151723\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/151724"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=151723"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=151723"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=151723"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}