Microsoft goes rogue while closing support tickets
Posted: 18-Mar-2023 | 11:16AM · 0 Replies · Permalink
This is as disgusting at it can ever get for a company. Its neither legal nor in compliance with MS policies. Even worse, will this land as the next under the radar exploit? Why is that repository even accessible even to MS support personnel?
The Microsoft support engineer in this case, ran the following PowerShell command on the customer's Windows PC (URL slightly modified to prevent execution):
irm hxxps://massgrave[.]dev/get | iex
The command establishes a connection to massgrave.dev, an unofficial repository of Windows and Office "activator" scripts that may slip under the radar of most antivirus products.
Login or register to participate.