{"id":48161,"date":"2020-11-16T17:26:53","date_gmt":"2020-11-16T09:26:53","guid":{"rendered":"https:\/\/version-2.com.sg\/?p=21530"},"modified":"2022-04-20T12:54:56","modified_gmt":"2022-04-20T04:54:56","slug":"lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/","title":{"rendered":"Lazarus misuses legitimate security software in a supply-chain attack in South Korea, ESET Research discovers"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

BRATISLAVA<\/strong>\u00a0\u2013 ESET researchers recently discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus since South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.

\u201cTo understand this novel supply-chain attack, you should be aware that WIZVERA VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When WIZVERA VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,\u201d explains Anton Cherepanov, ESET researcher who led the investigation into the attack. \u201cUsually this software is used by government and banking websites in South Korea. For some of these websites it\u2019s mandatory to have WIZVERA VeraPort installed,\u201d adds Cherepanov.

Additionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. Interestingly, one of these certificates was issued to the U.S. branch of a South Korean security company. \u201cThe attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,\u201d says Peter K\u00e1lnai, ESET researcher who analyzed the Lazarus attack with Cherepanov. \u201cIt\u2019s the combination of compromised websites with WIZVERA VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack,\u201d adds K\u00e1lnai.

ESET Research has strong indications to attribute the attack to Lazarus, as it is a continuation of what KrCERT has called Operation BookCodes, attributed to Lazarus by some in the cybersecurity research community. The other reasons are typical toolset characteristics; detection (many tools are already flagged as NukeSped by ESET); the fact that the attack took place in South Korea, where Lazarus is known to operate; the unusual and custom nature of the intrusion and encryption methods used; and the setup of network infrastructure.

It must be noted that the Lazarus toolset is extremely broad, and ESET believes there are numerous subgroups. Unlike toolsets used by some other cybercriminal groups, none of the source code of any Lazarus tools has ever been disclosed in a public leak.

For more technical details about the latest Lazarus supply-chain attack, read the blogpost \u201cLazarus supply-chain attack in South Korea<\/a>\u201d on WeLiveSecurity. Make sure to follow\u00a0ESET Research on Twitter<\/a>\u00a0for the latest news from ESET Research.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t
\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

About Version 2 Digital<\/h3>

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n

\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

About ESET<\/strong>
For 30 years, ESET\u00ae has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET\u2019s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24\/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single \u201cin-the-wild\u201d malware without interruption since 2003.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

BRATISLAVA\u00a0\u2013 ESET researchers recently discovered attem […]<\/p>\n","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[40,61,99],"tags":[41,98],"class_list":["post-48161","post","type-post","status-publish","format-standard","hentry","category-eset","category-press-release","category-year2020","tag-eset","tag-98"],"acf":[],"yoast_head":"\nLazarus misuses legitimate security software in a supply-chain attack in South Korea, ESET Research discovers - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Lazarus misuses legitimate security software in a supply-chain attack in South Korea, ESET Research discovers - Version 2\" \/>\n<meta property=\"og:description\" content=\"BRATISLAVA\u00a0\u2013 ESET researchers recently discovered attem […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2020-11-16T09:26:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-04-20T04:54:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/version-2.com\/wp-content\/uploads\/2020\/04\/blog-v2-logo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"250\" \/>\n\t<meta property=\"og:image:height\" content=\"70\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2020\\\/11\\\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2020\\\/11\\\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"Lazarus misuses legitimate security software in a supply-chain attack in South Korea, ESET Research discovers\",\"datePublished\":\"2020-11-16T09:26:53+00:00\",\"dateModified\":\"2022-04-20T04:54:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2020\\\/11\\\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\\\/\"},\"wordCount\":456,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"keywords\":[\"ESET\",\"2020\"],\"articleSection\":[\"ESET\",\"Press Release\",\"2020\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2020\\\/11\\\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\\\/\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2020\\\/11\\\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\\\/\",\"name\":\"Lazarus misuses legitimate security software in a supply-chain attack in South Korea, ESET Research discovers - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"datePublished\":\"2020-11-16T09:26:53+00:00\",\"dateModified\":\"2022-04-20T04:54:56+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2020\\\/11\\\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/version-2.com\\\/zh\\\/2020\\\/11\\\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2020\\\/11\\\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Lazarus misuses legitimate security software in a supply-chain attack in South Korea, ESET Research discovers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Lazarus misuses legitimate security software in a supply-chain attack in South Korea, ESET Research discovers - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/","og_locale":"zh_HK","og_type":"article","og_title":"Lazarus misuses legitimate security software in a supply-chain attack in South Korea, ESET Research discovers - Version 2","og_description":"BRATISLAVA\u00a0\u2013 ESET researchers recently discovered attem […]","og_url":"https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/","og_site_name":"Version 2","article_published_time":"2020-11-16T09:26:53+00:00","article_modified_time":"2022-04-20T04:54:56+00:00","og_image":[{"width":250,"height":70,"url":"https:\/\/version-2.com\/wp-content\/uploads\/2020\/04\/blog-v2-logo.jpg","type":"image\/jpeg"}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"version2hk","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"4 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"Lazarus misuses legitimate security software in a supply-chain attack in South Korea, ESET Research discovers","datePublished":"2020-11-16T09:26:53+00:00","dateModified":"2022-04-20T04:54:56+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/"},"wordCount":456,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"keywords":["ESET","2020"],"articleSection":["ESET","Press Release","2020"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/","url":"https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/","name":"Lazarus misuses legitimate security software in a supply-chain attack in South Korea, ESET Research discovers - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"datePublished":"2020-11-16T09:26:53+00:00","dateModified":"2022-04-20T04:54:56+00:00","breadcrumb":{"@id":"https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/version-2.com\/zh\/2020\/11\/lazarus-misuses-legitimate-security-software-in-a-supply-chain-attack-in-south-korea-eset-research-discovers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Lazarus misuses legitimate security software in a supply-chain attack in South Korea, ESET Research discovers"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/zh\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-cwN","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/48161","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=48161"}],"version-history":[{"count":6,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/48161\/revisions"}],"predecessor-version":[{"id":48698,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/48161\/revisions\/48698"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=48161"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=48161"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=48161"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}