{"id":50421,"date":"2017-06-20T16:37:17","date_gmt":"2017-06-20T08:37:17","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=50421"},"modified":"2017-06-20T17:27:37","modified_gmt":"2017-06-20T09:27:37","slug":"android%e7%94%a8%e6%88%b6%e6%b3%a8%e6%84%8f-800%e5%a4%9a%e5%80%8b%e5%85%a7%e5%b5%8cxavier-%e5%bb%a3%e5%91%8a%e6%9c%a8%e9%a6%ac-app%e5%b7%b2%e8%a2%ab%e4%b8%8b%e8%bc%89%e6%95%b8%e7%99%be%e8%90%ac","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=50421","title":{"rendered":"Android\u7528\u6236\u6ce8\u610f! 800\u591a\u500b\u5167\u5d4cXavier \u5ee3\u544a\u6728\u99ac App,\u5df2\u88ab\u4e0b\u8f09\u6578\u767e\u842c\u6b21"},"content":{"rendered":"<p><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2651&amp;name=20110916\">\u8da8\u52e2\u79d1\u6280<\/a>\u767c\u73fe\u4e00\u500b Trojan Android \u5ee3\u544a\u6728\u99ac\u7a0b\u5f0f Xavier (\u8da8\u52e2\u79d1\u6280\u5075\u6e2c\u5230\u70ba ANDROIDOS_XAVIER.AXM)\uff0c\u6703\u5077\u5077\u7aca\u53d6\u6216\u6d29\u6f0f\u4f7f\u7528\u8005\u7684\u8cc7\u8a0a,\u53ea\u8981\u4e0b\u8f09\u4e26\u958b\u555f\u4e2d\u6bd2\u7684APP\u6975\u6709\u53ef\u80fd\u5728\u4e0d\u81ea\u77e5\u7684\u60c5\u6cc1\u4e0b\uff0c\u500b\u8cc7\u5168\u88ab\u50b3\u9001\u51fa\u53bb\u3002\u4f9d\u64da<a href=\"https:\/\/mars.trendmicro.com\/\">\u8da8\u52e2\u79d1\u6280\u884c\u52d5\u88dd\u7f6e\u61c9\u7528\u7a0b\u5f0f\u4fe1\u8b7d\u8a55\u7b49<\/a>\u5075\u6e2c\u986f\u793a,\u5171\u6709 800 \u591a\u7a2e\u5167\u5d4c\u5ee3\u544a\u6728\u99ac\u7a0b\u5f0f SDK \u7684\u61c9\u7528\u7a0b\u5f0f\uff0c\u5728 Google Play \u5df2\u88ab\u4e0b\u8f09\u6578\u767e\u842c\u6b21\u3002\u9019\u4e9b\u61c9\u7528\u7a0b\u5f0f\u6db5\u84cb\u5de5\u5177\u61c9\u7528\u7a0b\u5f0f\uff0c\u4f8b\u5982\u7167\u7247\u7de8\u8f2f\u61c9\u7528\u7a0b\u5f0f\u3001\u684c\u5e03\u8207\u9234\u8072\u8b8a\u66f4\u7a0b\u5f0f\u3002Xavier \u6709\u4e00\u5957\u81ea\u6211\u4fdd\u8b77\u6a5f\u5236\uff0c\u8a66\u5716\u4fdd\u8b77\u81ea\u5df1\u514d\u53d7\u5075\u6e2c,\u6b64\u5916\u4e5f\u6703\u4e0b\u8f09\u548c\u57f7\u884c\u5176\u4ed6\u60e1\u610f\u7a0b\u5f0f\u78bc\u3002<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2014\/05\/Androidc.jpg\" width=\"658\" height=\"587\" \/><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>\u99ed\u5ba2\u5229\u7528Xavier\u8490\u96c6\u88ab\u611f\u67d3\u88dd\u7f6e\u7684SIM\u5361\u8cc7\u8a0a\u3001\u624b\u6a5f\u578b\u865f\u3001<em>\u8a9e\u8a00\u3001<\/em><em>\u5df2\u5b89\u88dd\u7684\u61c9\u7528\u7a0b\u5f0f\u3001<\/em><em>Android ID\u3001<\/em><em>\u96fb\u5b50\u90f5\u4ef6\u5730\u5740&#8230;.\u7b49<\/em>\u8cc7\u8a0a\uff0c\u7136\u5f8c\u5c07\u8cc7\u8a0a\u52a0\u5bc6\u4e26\u50b3\u9001\u5230\u9060\u7aef\u4f3a\u670d\u5668\u3002\u5927\u591a\u6578\u4e0b\u8f09\u906dXavier\u611f\u67d3 App\u7684\u7528\u6236\uff0c\u4f86\u81ea\u6771\u5357\u4e9e\uff0c\u4f8b\u5982\u8d8a\u5357\u3001\u83f2\u5f8b\u8cd3\u548c\u5370\u5c3c\uff0c\u53f0\u7063\u4e0b\u8f09\u91cf\u70ba 5.36%\u3002<\/p>\n<h3>\u5982\u4f55\u9632\u7bc4 Xavier?<\/h3>\n<ul>\n<li>\u907f\u514d\u4e0b\u8f09\u8207\u5b89\u88dd\u4f86\u6e90\u4e0d\u660e\u7684\u61c9\u7528\u7a0b\u5f0f\uff0c\u5373\u4f7f\u9019\u4e9b\u61c9\u7528\u7a0b\u5f0f\u662f\u4f86\u81ea Google Play \u7b49\u5408\u6cd5\u61c9\u7528\u7a0b\u5f0f\u5e02\u96c6<\/li>\n<li>\u95b1\u8b80\u5df2\u4e0b\u8f09\u8a72\u61c9\u7528\u7a0b\u5f0f\u4e4b\u5176\u4ed6\u4f7f\u7528\u8005\u7684\u8a55\u8ad6\u3002<\/li>\n<li>\u66f4\u65b0\u6216\u4fee\u88dc\u884c\u52d5\u88dd\u7f6e\uff0c\u6709\u52a9\u65bc\u963b\u64cb\u9396\u5b9a\u6f0f\u6d1e\u7684\u60e1\u610f\u7a0b\u5f0f\u3002<\/li>\n<li>\u4e00\u822c\u7528\u6236\u53ef\u4ee5\u5b89\u88dd\u8da8\u52e2\u79d1\u6280<a href=\"https:\/\/www.pccillin.com.tw\/product-tmms.html\">\u884c\u52d5\u5b89\u5168\u9632\u8b77<\/a>,\u5373\u523b<a href=\"https:\/\/www.pccillin.com.tw\/product-tmms.html#TMMS_freedownload\">\u514d\u8cbb\u9ad4\u9a57<\/a><\/li>\n<li>\u4f01\u696d\u4e5f\u53ef\u4ee5\u63a1\u53d6\u8da8\u52e2\u79d1\u6280\u00a0<a href=\"https:\/\/www.trendmicro.tw\/tw\/enterprise\/product-security\/mobile-security\/index.html\">Android \u7248\u884c\u52d5\u5b89\u5168\u9632\u8b77<\/a><\/li>\n<\/ul>\n<figure class=\"thumbnail wp-caption alignnone\" style=\"width: 1021px\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier1.jpg\" alt=\"\u5927\u591a\u6578\u4e0b\u8f09\u906dXavier\u611f\u67d3 App\u7684\u7528\u6236\uff0c\u4f86\u81ea\u6771\u5357\u4e9e\uff0c\u4f8b\u5982\u8d8a\u5357\u3001\u83f2\u5f8b\u8cd3\u548c\u5370\u5c3c\uff0c\u53f0\u7063\u4e0b\u8f09\u91cf\u70ba 5.36%\u3002\" width=\"1011\" height=\"558\" \/><figcaption class=\"caption wp-caption-text\">\u5927\u591a\u6578\u4e0b\u8f09\u906dXavier\u611f\u67d3 App\u7684\u7528\u6236\uff0c\u4f86\u81ea\u6771\u5357\u4e9e\uff0c\u4f8b\u5982\u8d8a\u5357\u3001\u83f2\u5f8b\u8cd3\u548c\u5370\u5c3c\uff0c\u53f0\u7063\u4e0b\u8f09\u91cf\u70ba 5.36%\u3002<\/figcaption><\/figure>\n<p>\u96d6\u7136<a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2651&amp;name=20110916\">\u8da8\u52e2\u79d1\u6280<\/a>\u4e4b\u524d\u5df2\u767c\u73fe\u904e\u60e1\u610f\u5ee3\u544a\u6728\u99ac\u7a0b\u5f0f <a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/the-fine-line-between-ad-and-adware-a-closer-look-at-the-mdash-sdk\/\">MDash SDK<\/a>\uff0c\u4f46\u9019\u6b3e\u6728\u99ac\u7a0b\u5f0f\u7684\u90e8\u5206\u7279\u6027\u8207\u4e4b\u524d\u7684\u5ee3\u544a\u6728\u99ac\u7a0b\u5f0f\u6709\u6240\u4e0d\u540c\u3002\u9996\u5148\uff0c\u9019\u6b3e\u6728\u99ac\u7a0b\u5f0f\u5167\u5d4c\u60e1\u610f\u884c\u70ba\uff0c\u6703\u4e0b\u8f09\u9060\u7aef\u4f3a\u670d\u5668\u7684\u7a0b\u5f0f\u78bc\uff0c\u7136\u5f8c\u8f09\u5165\u4e26\u57f7\u884c\u3002\u63a5\u8457\uff0c\u5b83\u6703\u900f\u904e\u5b57\u4e32\u52a0\u5bc6\u3001\u7db2\u969b\u7db2\u8def\u8cc7\u6599\u52a0\u5bc6\u4ee5\u53ca\u6a21\u64ec\u5668\u5075\u6e2c\u7b49\u65b9\u6cd5\uff0c\u8a66\u5716\u4fdd\u8b77\u81ea\u5df1\u514d\u53d7\u5075\u6e2c\u3002<\/p>\n<p>\u7531\u65bc Xavier \u5177\u6709\u9019\u985e\u81ea\u6211\u4fdd\u8b77\u6a5f\u5236\uff0c\u53ef\u4ee5\u898f\u907f\u975c\u614b\u8207\u52d5\u614b\u7684\u5206\u6790\uff0c\u56e0\u6b64\u5f88\u96e3\u5075\u6e2c\u51fa\u5b83\u7684\u7aca\u53d6\u548c\u6d29\u6f0f\u80fd\u529b\u3002\u6b64\u5916\uff0cXavier \u4e5f\u6703\u4e0b\u8f09\u548c\u57f7\u884c\u5176\u4ed6\u60e1\u610f\u7a0b\u5f0f\u78bc\uff0c\u4e26\u53ef\u80fd\u9020\u6210\u6bd4\u60e1\u610f\u7a0b\u5f0f\u66f4\u5371\u96aa\u7684\u5f8c\u679c\u3002Xavier \u7684\u884c\u70ba\u53d6\u6c7a\u65bc\u7531\u9060\u7aef\u4f3a\u670d\u5668\u8a2d\u5b9a\u7684\u4e0b\u8f09\u7a0b\u5f0f\u78bc\u548c\u7a0b\u5f0f\u78bc URL \u800c\u5b9a\u3002<!--more--><\/p>\n<p>\u958b\u59cb\u63a2\u8a0e Xavier \u7684\u5be6\u969b\u5206\u6790\u4e4b\u524d\uff0c\u8b93\u6211\u5011\u5148\u4f86\u77ad\u89e3\u5ee3\u544a\u6728\u99ac\u7a0b\u5f0f\u96a8\u8457\u6642\u9593\u7684\u6f14\u8b8a\u60c5\u6cc1\u3002<\/p>\n<h3><strong>Xavier <\/strong><strong>\u7684\u8b8a\u9769<\/strong><\/h3>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier2.jpg\" width=\"877\" height=\"834\" \/><\/p>\n<p>Xavier \u662f AdDown \u7cfb\u5217\u7684\u4e00\u54e1\uff0c\u5f9e\u5169\u5e74\u524d\u5c31\u5df2\u7d93\u958b\u59cb\u767c\u5c55\u3002\u7b2c\u4e00\u500b\u7248\u672c\u662f 2015 \u5e74\u4e0a\u534a\u5e74\u51fa\u73fe\u7684 <em>joymobile<\/em>\u3002\u9019\u7a2e\u8b8a\u7a2e\u75c5\u6bd2\u5df2\u80fd\u5920\u57f7\u884c\u9060\u7aef\u7a0b\u5f0f\u78bc\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier3.jpg\" width=\"324\" height=\"688\" \/><\/p>\n<p>\u6b64\u5ee3\u544a\u6728\u99ac\u7a0b\u5f0f\u9664\u4e86\u6703\u6536\u96c6\u4e26\u6d29\u6f0f\u4f7f\u7528\u8005\u8cc7\u8a0a\uff0c\u4e5f\u6703\u5b89\u88dd\u5176\u4ed6 APK\uff0c\u4e26\u5728\u88dd\u7f6e\u906d Root \u7834\u89e3\u6642\u7121\u8a0a\u606f\u81ea\u52d5\u5b8c\u6210\u6b64\u4f5c\u696d\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier4.jpg\" width=\"727\" height=\"295\" \/><\/p>\n<p>\u5b83\u6703\u4f7f\u7528\u547d\u4ee4\u8207\u63a7\u5236 (C&amp;C) \u4f3a\u670d\u5668\u4f86\u57f7\u884c\u4e0d\u52a0\u5bc6\u7684\u901a\u8a0a\u3002\u4e0d\u904e\uff0c\u6240\u6709\u5e38\u6578\u5b57\u4e32\u90fd\u6703\u5728\u7a0b\u5f0f\u78bc\u4e2d\u53d7\u5230\u52a0\u5bc6\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier5.jpg\" width=\"579\" height=\"66\" \/><\/p>\n<p>\u7b2c\u4e8c\u7a2e\u7531 AdDown \u7cfb\u5217\u767c\u5c55\u800c\u4f86\u7684\u8b8a\u7570\u75c5\u6bd2\u662f <em>nativemob<\/em>\u3002\u7576\u6211\u5011\u6bd4\u8f03 <em>nativemob<\/em> \u548c <em>joymobile<\/em> \u6642\uff0c\u53ef\u4ee5\u767c\u73fe\u524d\u8005\u7684\u7a0b\u5f0f\u78bc\u7d50\u69cb\u5df2\u91cd\u65b0\u6392\u5e8f\u3002\u5b83\u4e5f\u52a0\u5165\u4e86\u4e00\u4e9b\u65b0\u7684\u7279\u6027\uff0c\u4e3b\u8981\u662f\u5ee3\u544a\u884c\u70ba\u548c\u5de5\u5177\u9805\u76ee\u3002\u96d6\u7136\u5b83\u4e0d\u6703\u7121\u8a0a\u606f\u81ea\u52d5\u5b89\u88dd\u61c9\u7528\u7a0b\u5f0f\uff0c\u4f46\u9084\u662f\u6703\u9032\u884c\u9700\u4f7f\u7528\u8005\u78ba\u8a8d\u7684\u61c9\u7528\u7a0b\u5f0f\u5b89\u88dd\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier6.jpg\" width=\"273\" height=\"685\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier7.jpg\" width=\"426\" height=\"85\" \/><\/p>\n<p>\u5b83\u4e5f\u6703\u6bd4 joymobile \u6536\u96c6\u66f4\u591a\u7684\u4f7f\u7528\u8005\u8cc7\u8a0a\uff0c\u4e26\u5c07\u5176\u7de8\u78bc\u70ba base64 \u683c\u5f0f\uff0c\u7136\u5f8c\u5c07\u8cc7\u8a0a\u50b3\u9001\u7d66 C&amp;C \u4f3a\u670d\u5668\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier8.jpg\" width=\"829\" height=\"306\" \/><\/p>\n<p>\u4e0b\u4e00\u7a2e\u8b8a\u7a2e\u75c5\u6bd2\u5247\u7d04\u5728 2016 \u5e74 1 \u6708\u5de6\u53f3\u51fa\u73fe\u3002\u9019\u6b3e\u8b8a\u7a2e\u75c5\u6bd2\u7cbe\u7c21\u4e86\u5176\u4e2d\u7684\u5b57\u4e32\u52a0\u5bc6\u6f14\u7b97\u6cd5\uff0c\u4e26\u6703\u52a0\u5bc6\u5f9e\u9060\u7aef\u4f3a\u670d\u5668\u4e0b\u8f09\u7684\u7a0b\u5f0f\u78bc\uff0c\u7136\u5f8c\u65b0\u589e\u53cd\u5c04\u547c\u53eb\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier9.jpg\" width=\"754\" height=\"94\" \/><\/p>\n<p>\u9694\u6708\uff0c\u6b64\u75c5\u6bd2\u5c31\u56e0\u6545\u66f4\u65b0\u4e86\u5ee3\u544a\u6a21\u7d44\u8a2d\u5b9a\uff0c\u4e26\u79fb\u9664\u8cc7\u6599\u52a0\u5bc6\uff1a<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier10.jpg\" width=\"558\" height=\"131\" \/><\/p>\n<p>\u5f8c\u7e8c\u5e7e\u500b\u6708\uff0c\u5b83\u4e5f\u6709\u6301\u7e8c\u66f4\u65b0\u3002\u4e0d\u904e\uff0c\u9019\u4e9b\u5be6\u4f5c\u7684\u66f4\u65b0\u4e26\u6c92\u6709\u5927\u5e45\u8b8a\u66f4\u6b64\u5ee3\u544a\u6728\u99ac\u7a0b\u5f0f\u3002<\/p>\n<h3><strong>Xavier <\/strong><strong>\u7684\u6280\u8853\u5206\u6790<\/strong><\/h3>\n<p>Xavier \u662f\u5728 2016 \u5e74 9 \u6708\u5de6\u53f3\u767c\u5c55\u51fa\u4f86\u7684\u8b8a\u7570\u75c5\u6bd2\uff0c\u5176\u7a0b\u5f0f\u78bc\u66f4\u52a0\u7c21\u6f54\u3002\u7b2c\u4e00\u7248\u7684 Xavier \u79fb\u9664\u4e86 APK \u5b89\u88dd\u548c Root \u6aa2\u67e5\uff0c\u4f46\u65b0\u589e\u4e86\u4f7f\u7528 TEA \u6f14\u7b97\u6cd5\u7684\u8cc7\u6599\u52a0\u5bc6\u7279\u6027\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier11.jpg\" width=\"783\" height=\"126\" \/><\/p>\n<p>\u5f88\u5feb\u5730\uff0c\u5b83\u53c8\u65b0\u589e\u4e86\u4e0a\u8ff0\u63d0\u5230\u7684\u52d5\u614b\u5075\u6e2c\u898f\u907f\u6a5f\u5236\u3002<\/p>\n<p>Xavier \u5177\u6709\u5982\u4e0b\u7d50\u69cb\uff1a<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier12.jpg\" width=\"210\" height=\"468\" \/><\/p>\n<p>\u4e00\u65e6\u8f09\u5165 Xavier\uff0c\u5b83\u5c31\u6703\u5f9e C&amp;C \u4f3a\u670d\u5668 <em>hxxps:\/\/api-restlet[.]com\/services\/v5\/<\/em> \u53d6\u5f97\u521d\u59cb\u8a2d\u5b9a\uff0c\u4e26\u5728 Xavier \u4e2d\u9032\u884c\u52a0\u5bc6\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier13.jpg\" width=\"682\" height=\"99\" \/><\/p>\n<p>\u8a72\u4f3a\u670d\u5668\u4e5f\u6703\u52a0\u5bc6\u56de\u61c9\u8cc7\u6599\uff1a<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier14.jpg\" width=\"794\" height=\"227\" \/><\/p>\n<p>\u89e3\u5bc6\u4e4b\u5f8c\uff0c\u6211\u5011\u767c\u73fe\u5b83\u5be6\u969b\u4e0a\u662f Json \u6a94\uff1a<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier15.jpg\" width=\"430\" height=\"609\" \/><\/p>\n<ul>\n<li>V \u8868\u793a SDK \u7248\u672c\uff1b<\/li>\n<li>L \u8868\u793a SDK URL\uff1b<\/li>\n<li>G \u8868\u793a SDK Sid\uff1b<\/li>\n<li>S \u8868\u793a SDK \u8a2d\u5b9a\uff1b<\/li>\n<li>Au \u8868\u793a\u5ee3\u544a\u8a2d\u5b9a\u3002<\/li>\n<\/ul>\n<p>Xavier \u63a5\u8457\u6703\u5f9e <em>hxxp:\/\/cloud[.]api-restlet[.]com\/modules\/lib[.]zip<\/em> \u4e0b\u8f09\u6240\u8b02\u7684 SDK\uff0c\u4e26\u900f\u904e\u8a2d\u5b9a\u4f86\u8b80\u53d6\u3002\u4e0d\u904e\uff0clib.zip \u4e26\u4e0d\u662f\u5b8c\u6574\u7684 zip \u6a94\u3002<\/p>\n<p>Xavier \u6703\u5728\u53d6\u5f97 lib.zip \u4e4b\u5f8c\uff0c\u52a0\u5165 0x50 0x4B ahead lib.zip \u4e26\u5c07\u5176\u547d\u540d\u70ba xavier.zip\u3002\u9019\u5c31\u662f\u6709\u6548\u7684 zip \u6a94\u6848\u3002<\/p>\n<p><em><strong>\u4e4b\u524d<\/strong><\/em><em>\uff1a<\/em><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier16.jpg\" width=\"725\" height=\"51\" \/><\/p>\n<p><em><strong>\u4e4b\u5f8c<\/strong><\/em><em>\uff1a<\/em><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier17.jpg\" width=\"725\" height=\"52\" \/><\/p>\n<p>Xavier.zip \u542b\u6709 classes.dex \u6a94\u6848\uff0c\u5176\u6703\u7531 Xavier \u8f09\u5165\u4e26\u53eb\u7528\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier18.jpg\" width=\"471\" height=\"145\" \/><\/p>\n<p>\u9019\u500b dex \u6a94\u6848\u6703\u5f9e\u4f7f\u7528\u8005\u88dd\u7f6e\u6536\u96c6\u4e0b\u5217\u8cc7\u8a0a\uff0c\u7136\u5f8c\u5c07\u8cc7\u8a0a\u52a0\u5bc6\u4e26\u50b3\u9001\u5230\u9060\u7aef\u4f3a\u670d\u5668\uff1a<em>hxxps:\/\/api-restlet[.]com\/services\/v5\/rD<\/em>\u3002<\/p>\n<ul>\n<li><em>\u88fd\u9020\u5546<\/em><\/li>\n<li><em>\u4f86\u6e90<\/em><\/li>\n<li><em>SIM <\/em><em>\u5361\u570b\u5bb6<\/em><em>\/<\/em><em>\u5730\u5340<\/em><\/li>\n<li><em>\u7522\u54c1<\/em><\/li>\n<li><em>\u767c\u884c\u8005<\/em><em> ID<\/em><\/li>\n<li><em>SIM <\/em><em>\u5361\u96fb\u4fe1\u696d\u8005<\/em><\/li>\n<li><em>\u670d\u52d9<\/em><em> ID<\/em><\/li>\n<li><em>\u8a9e\u8a00<\/em><\/li>\n<li><em>\u89e3\u6790\u5ea6<\/em><\/li>\n<li><em>\u578b\u865f<\/em><\/li>\n<li><em>\u4f5c\u696d\u7cfb\u7d71\u7248\u672c<\/em><\/li>\n<li><em>\u88dd\u7f6e\u540d\u7a31<\/em><\/li>\n<li><em>\u88dd\u7f6e<\/em><em> ID<\/em><\/li>\n<li><em>\u5df2\u5b89\u88dd\u7684\u61c9\u7528\u7a0b\u5f0f<\/em><\/li>\n<li><em>Android ID<\/em><\/li>\n<li><em>\u96fb\u5b50\u90f5\u4ef6\u5730\u5740<\/em><\/li>\n<li><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier19.jpg \" width=\"626\" height=\"351\" \/><\/li>\n<\/ul>\n<p>Xavier \u9084\u6703\u5075\u6e2c\u7cfb\u7d71\u662f\u5426\u5728\u6a21\u64ec\u5668\u4e2d\u57f7\u884c\uff0c\u4ee5\u898f\u907f\u52d5\u614b\u5075\u6e2c\uff0c\u85c9\u6b64\u96b1\u85cf\u4fb5\u7565\u6027\u7684\u5ee3\u544a\u884c\u70ba\u3002\u5b83\u4e5f\u6703\u6aa2\u67e5\u88dd\u7f6e\u7684\u7522\u54c1\u540d\u7a31\u3001\u88fd\u9020\u5546\u3001\u88dd\u7f6e\u54c1\u724c\u3001\u88dd\u7f6e\u540d\u7a31\u3001\u88dd\u7f6e\u6a21\u7d44\u3001\u786c\u9ad4\u540d\u7a31\u6216\u6307\u7d0b\u662f\u5426\u5305\u542b\u4e0b\u5217\u5b57\u4e32\uff1a<\/p>\n<ul>\n<li><em>vbox86p<\/em><\/li>\n<li><em>Genymotion<\/em><\/li>\n<li><em>generic\/google_sdk\/generic<\/em><\/li>\n<li><em>generic_x86\/sdk_x86\/generic_x86<\/em><\/li>\n<li><em>google.market<\/em><\/li>\n<li><em>Droid4X<\/em><\/li>\n<li><em>generic_x86<\/em><\/li>\n<li><em>ttVM_Hdragon<\/em><\/li>\n<li><em>generic\/sdk\/generic<\/em><\/li>\n<li><em>google_sdk<\/em><\/li>\n<li><em>generic<\/em><\/li>\n<li><em>vbox86<\/em><\/li>\n<li><em>ttVM_x86<\/em><\/li>\n<li><em>MIT<\/em><\/li>\n<li><em>Andy<\/em><\/li>\n<li><em>window<\/em><\/li>\n<li><em>unknown<\/em><\/li>\n<li><em>goldfish<\/em><\/li>\n<li><em>sdk_x86<\/em><\/li>\n<li><em>generic_x86_64<\/em><\/li>\n<li><em>phone<\/em><\/li>\n<li><em>TTVM<\/em><\/li>\n<li><em>sdk_google<\/em><\/li>\n<li><em>Android SDK built for x86<\/em><\/li>\n<li><em>sdk<\/em><\/li>\n<li><em>Android SDK built for x86_64<\/em><\/li>\n<li><em>direct<\/em><\/li>\n<li><em>google<\/em><\/li>\n<li><em>XavierMobile<\/em><\/li>\n<li><em>TiantianVM<\/em><\/li>\n<li><em>android_id<\/em><\/li>\n<li><em>generic\/vbox86p\/vbox86p<\/em><\/li>\n<li><em>google.vending<\/em><\/li>\n<li><em>nox<\/em><\/li>\n<\/ul>\n<p>Xavier \u4e5f\u6703\u6383\u63cf\u4f7f\u7528\u8005\u7684\u96fb\u5b50\u90f5\u4ef6\u5730\u5740\uff0c\u6aa2\u67e5\u5176\u4e2d\u662f\u5426\u5305\u542b\u4e0b\u5217\u5b57\u4e32\uff0c\u85c9\u6b64\u96b1\u85cf\u5176\u884c\u70ba\uff1a<\/p>\n<ul>\n<li><em>pltest<\/em><\/li>\n<li><em>@facebook.com<\/em><\/li>\n<li><em>tester<\/em><\/li>\n<li><em>@google.com<\/em><\/li>\n<li><em>review<\/em><\/li>\n<li><em>playlead<\/em><\/li>\n<li><em>agotschin<\/em><\/li>\n<li><em>gptest<\/em><\/li>\n<li><em>rxwave 15<\/em><\/li>\n<li><em>rxplay<\/em><\/li>\n<li><em>admob<\/em><\/li>\n<li><em>gplay<\/em><\/li>\n<li><em>adsense<\/em><\/li>\n<li><em>gtwave<\/em><\/li>\n<li><em>rxtest<\/em><\/li>\n<li><em>review<\/em><\/li>\n<li><em>qaplay<\/em><\/li>\n<li><em>test<\/em><\/li>\n<li><em>rxtester<\/em><\/li>\n<li><em>playtestwave<\/em><\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier20.jpg\" width=\"426\" height=\"626\" \/><\/p>\n<p><strong>\u00a0<\/strong><\/p>\n<p>Xavier \u6703\u63a1\u53d6\u4e0b\u5217\u884c\u70ba\uff0c\u4ee5\u514d\u53d7\u5230\u5075\u6e2c\uff1a<\/p>\n<ul>\n<li>\u52a0\u5bc6\u6240\u6709\u5e38\u6578\u5b57\u4e32\uff0c\u8b93\u975c\u614b\u5075\u6e2c\u8207\u624b\u52d5\u5206\u6790\u66f4\u52a0\u56f0\u96e3\u3002<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier21.jpg\" width=\"651\" height=\"486\" \/><\/p>\n<p>2) \u900f\u904e HTTPS \u57f7\u884c\u7db2\u8def\u50b3\u8f38\uff0c\u4ee5\u9632\u6b62\u5176\u6d41\u91cf\u88ab\u767c\u73fe\u3002Xavier \u4e5f\u6703\u52a0\u5bc6\u8cc7\u6599\uff1a<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier22.jpg\" width=\"470\" height=\"243\" \/><\/p>\n<p>3) \u5b83\u6703\u4f7f\u7528\u53cd\u5c04\u53eb\u7528\u65b9\u6cd5\u7684\u5bec\u9663\u5217\uff0c\u642d\u914d\u8981\u52a0\u5bc6\u7684\u985e\u5225\u540d\u7a31\u548c\u65b9\u6cd5\u540d\u7a31\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier23.jpg\" width=\"763\" height=\"130\" \/><\/p>\n<p>4) \u5b83\u6703\u4f9d\u64da\u57f7\u884c\u74b0\u5883\u4f86\u96b1\u85cf\u5176\u884c\u70ba\u3002<\/p>\n<p>\u4e0b\u5217\u61c9\u7528\u7a0b\u5f0f\u70ba Google Play \u4e2d\u542b\u6709\u5167\u5d4c Xavier \u5ee3\u544a\u6728\u99ac\u7a0b\u5f0f\u7684\u7bc4\u4f8b\uff1a<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/06\/xavier25.jpg\" width=\"829\" height=\"546\" \/><\/p>\n<h3>\u5efa\u8b70\u8207\u6700\u4f73\u5be6\u52d9<\/h3>\n<p>\u82e5\u8981\u9632\u7bc4 Xavier \u9019\u6a23\u96e3\u7e8f\u7684\u60e1\u610f\u7a0b\u5f0f\uff0c\u6700\u7c21\u55ae\u7684\u65b9\u6cd5\u5c31\u662f\u907f\u514d\u4e0b\u8f09\u8207\u5b89\u88dd\u4f86\u6e90\u4e0d\u660e\u7684\u61c9\u7528\u7a0b\u5f0f\uff0c\u5373\u4f7f\u9019\u4e9b\u61c9\u7528\u7a0b\u5f0f\u662f\u4f86\u81ea Google Play \u7b49\u5408\u6cd5\u61c9\u7528\u7a0b\u5f0f\u5e02\u96c6\u4ea6\u540c\u3002\u6b64\u5916\uff0c\u60a8\u4e5f\u53ef\u4ee5\u95b1\u8b80\u5df2\u4e0b\u8f09\u8a72\u61c9\u7528\u7a0b\u5f0f\u4e4b\u5176\u4ed6\u4f7f\u7528\u8005\u7684\u8a55\u8ad6\u3002\u6709\u6642\u5019\u5176\u4ed6\u4f7f\u7528\u8005\u80fd\u6307\u51fa\u7279\u5b9a\u61c9\u7528\u7a0b\u5f0f\u662f\u5426\u6709\u53ef\u7591\u7684\u884c\u70ba\uff0c\u56e0\u6b64\u662f\u7d55\u4f73\u7684\u6d1e\u5bdf\u8cc7\u8a0a\u4f86\u6e90\u3002\u66f4\u65b0\u6216\u4fee\u88dc\u884c\u52d5\u88dd\u7f6e\uff0c\u4e5f\u6709\u52a9\u65bc\u963b\u64cb\u9396\u5b9a\u6f0f\u6d1e\u7684\u60e1\u610f\u7a0b\u5f0f\u3002<\/p>\n<p>\u6b64\u5916\uff0c\u4f7f\u7528\u8005\u548c\u4f01\u696d\u4e5f\u53ef\u4ee5\u63a1\u53d6 <a href=\"https:\/\/www.trendmicro.com\/en_us\/forHome\/products\/mobile-security.html\">Trend Micro<\/a>\u2122 <a href=\"https:\/\/www.trendmicro.com\/us\/home\/products\/mobile-solutions\/android-security\/\">Android \u7248\u884c\u52d5\u5b89\u5168\u9632\u8b77<\/a> \u9019\u985e\u5206\u5c64\u7684\u884c\u52d5\u5b89\u5168\u89e3\u6c7a\u65b9\u6848\uff0c\u5176\u53ef\u65bc <a href=\"https:\/\/play.google.com\/store\/apps\/details?id=com.trendmicro.tmmspersonal\">Google Play<\/a> \u53d6\u5f97\u3002<a href=\"https:\/\/www.trendmicro.com\/us\/enterprise\/product-security\/mobile-security\/\">Trend Micro<\/a>\u2122 <a href=\"https:\/\/www.trendmicro.com\/us\/enterprise\/product-security\/mobile-security\/\">\u4f01\u696d\u7248\u884c\u52d5\u5b89\u5168\u9632\u8b77<\/a>\u53ef\u8b93\u60a8\u7ba1\u7406\u88dd\u7f6e\u3001\u5408\u898f\u6027\u548c\u61c9\u7528\u7a0b\u5f0f\uff0c\u4ea6\u63d0\u4f9b\u8cc7\u6599\u9632\u8b77\u3001\u8a2d\u5b9a\u4f48\u5efa\u7b49\u529f\u80fd\uff0c\u4e26\u53ef\u4fdd\u8b77\u88dd\u7f6e\u514d\u53d7\u9396\u5b9a\u6f0f\u6d1e\u7684\u653b\u64ca\u3001\u9632\u7bc4\u672a\u7d93\u6388\u6b0a\u5b58\u53d6\u61c9\u7528\u7a0b\u5f0f\uff0c\u4ee5\u53ca\u5075\u6e2c\u8207\u5c01\u9396\u60e1\u610f\u7a0b\u5f0f\u548c\u8a50\u6b3a\u7db2\u7ad9\u3002<\/p>\n<p>\u7531\u65bc\u767c\u4f48\u65e5\u671f\u7684\u539f\u56e0\uff0cGoogle \u5df2\u79fb\u9664\u96dc\u6e4a\u8207\u61c9\u7528\u7a0b\u5f0f\u7684\u5b8c\u6574\u6e05\u55ae\uff0c\u4f46\u60a8\u53ef\u5728<a href=\"https:\/\/documents.trendmicro.com\/assets\/appendix--analyzing-xavier-an-information-stealing-ad-library-on-android.pdf\">\u9644\u9304<\/a>\u4e2d\u6aa2\u8996\u9019\u4efd\u6e05\u55ae\u3002<\/p>\n<p>\u2299\u539f\u6587\u4f86\u6e90:<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/analyzing-xavier-information-stealing-ad-library-android\/\">Analyzing Xavier: An Information-Stealing Ad Library on Android<\/a><\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"https:\/\/goo.gl\/TymIMx\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-42077\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2017\/01\/download-300x157.jpg\" sizes=\"(max-width: 500px) 100vw, 500px\" srcset=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2017\/01\/download-300x157.jpg 300w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2017\/01\/download-768x402.jpg 768w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2017\/01\/download-1024x537.jpg 1024w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2017\/01\/download-600x314.jpg 600w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2017\/01\/download.jpg 1525w\" alt=\"\" width=\"500\" height=\"262\" \/><\/a><a href=\"https:\/\/goo.gl\/TymIMx\"><br \/>\n\u7acb\u5373\u4e0b\u8f09\u5b89\u5168\u9054\u4eba\u4fdd\u8b77\u60a8\u7684\u500b\u8cc7\uff01<\/a><\/p>\n<p><a href=\"https:\/\/t.rend.tw\/?i=NTA0OQ\" rel=\"attachment wp-att-48079\"><br \/>\n<\/a><br \/>\n<a href=\"https:\/\/t.rend.tw\/?i=Mzc4NQ\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2015\/08\/Windows10Banner-540x90v5.gif\" \/><br \/>\n<\/a><\/p>\n<p>\u300a \u60f3\u4e86\u89e3\u66f4\u591a\u95dc\u65bc\u7db2\u8def\u5b89\u5168\u7684\u79d8\u8a23\u548c\u5efa\u8b70\uff0c\u53ea\u8981\u5230<a href=\"https:\/\/www.facebook.com\/trendmicrotaiwan\">\u8da8\u52e2\u79d1\u6280\u7c89\u7d72\u7db2\u9801<\/a> \u6216\u4e0b\u9762\u7684\u6309\u9215\u6309\u8b9a \u300b<\/p>\n<p><iframe loading=\"lazy\" src=\"https:\/\/www.facebook.com\/plugins\/likebox.php?id=255176705131&amp;width=350&amp;connections=0&amp;stream=false&amp;header=false&amp;height=62\" width=\"300\" height=\"150\" frameborder=\"0\" scrolling=\"no\" data-mce-fragment=\"1\"><\/iframe><\/p>\n<p><b><\/b>\u300a\u63d0\u9192\u300b\u5c07\u6ed1\u9f20\u6e38\u6a19\u79fb\u52d5\u5230\u7c89\u7d72\u9801\u53f3\u4e0a\u65b9\u7684<strong>\u300c\u5df2\u8aaa\u8b9a\u300d<\/strong>\u6b04\u4f4d\uff0c\u52fe\u9078<strong>\u300c\u6436\u5148\u770b\u300d<\/strong>\u9078\u9805<strong>,<\/strong>\u6700\u65b0\u8cbc\u6587\u5c31\u6703\u512a\u5148\u986f\u793a\u5728\u52d5\u614b\u6d88\u606f\u9802\u7aef\uff0c\u8b93\u4f60\u4e0d\u6703\u932f\u904e\u4efb\u4f55\u66f4\u65b0\u3002<br \/>\n*\u624b\u6a5f\u7248\u76f4\u63a5\u524d\u5f80\u5c08\u9801\u9996\u9801\uff0c\u4e0b\u62c9\u8ffd\u8e64\u4e2d\uff0c\u5c31\u80fd\u5c07\u7c89\u7d72\u5c08\u9801\u8a2d\u5b9a\u6436\u5148\u770b\u3002<\/p>\n<p>&nbsp;<\/p>\n<p>\u25bc \u6b61\u8fce\u52a0\u5165\u8da8\u52e2\u79d1\u6280\u793e\u7fa4\u7db2\u7ad9\u25bc<br \/>\n<strong><br \/>\n<\/strong><strong><a href=\"https:\/\/line.me\/ti\/p\/%40fgt4590r\"><img loading=\"lazy\" decoding=\"async\" class=\"\" src=\"https:\/\/biz.line.naver.jp\/line_business\/img\/btn\/addfriends_zh-Hant.png\" alt=\"\u597d\u53cb\u4eba\u6578\" width=\"89\" height=\"30\" border=\"0\" \/><\/a> <\/strong><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2762&amp;name=20111213\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2015\/08\/eNews_images_2015_0161.gif\" alt=\"\" \/><\/a> <a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2764&amp;name=20111213\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2015\/08\/eNews_images_2015_0171.gif\" alt=\"\" \/><\/a> <a href=\"https:\/\/www.trendmicro.tw\/tw\/\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2015\/08\/eNews_images_2015_0131.gif\" alt=\"\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u8da8\u52e2\u79d1\u6280\u767c\u73fe\u4e00\u500b Trojan Android \u5ee3\u544a\u6728\u99ac\u7a0b\u5f0f Xavier (\u8da8\u52e2\u79d1\u6280\u5075\u6e2c\u5230\u70ba ANDROID [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[17,690,429,15],"tags":[2274,393,3299,1852,3300,1241,101],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/50421"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=50421"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/50421\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=50421"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=50421"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=50421"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}