From 2a15c0d73ba6b92816a5116a70447422da87e0ab Mon Sep 17 00:00:00 2001
From: Mathieu4141 <mathieu@feedly.com>
Date: Fri, 20 Dec 2024 02:55:34 -0800
Subject: [PATCH] [threat-actors] Add Massgrave

---
 clusters/threat-actor.json | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 6aab960..f43813c 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -17504,6 +17504,16 @@
       },
       "uuid": "c4ff73cd-858a-4e84-b2cd-929532f8c320",
       "value": "INDOHAXSEC TEAM"
+    },
+    {
+      "description": "Massgrave is a hacking group that has developed a method to bypass Microsoft's software licensing for Windows and Office, enabling permanent activation of versions from Windows Vista to Windows 11. They are known for creating effective scripts for software activation, which are distributed through an unofficial repository at massgrave.dev. The group claims their exploit supports volume activation via the Key Management Services model and has gained traction within the piracy scene. Reports indicate that their tools may be used by unauthorized individuals, including Microsoft support agents, raising legal and security concerns.",
+      "meta": {
+        "refs": [
+          "https://www.techspot.com/news/105785-mas-developers-achieve-major-breakthrough-windows-office-cracking.html"
+        ]
+      },
+      "uuid": "48e2e297-55bd-4a6f-9c72-bc10ed06afa1",
+      "value": "Massgrave"
     }
   ],
   "version": 321