The findings revealed that the piracy groups and the reverse engineering talent they recruit can tamper with a variety of hardware and software based licensing systems to enable overt piracy. In addition:
- Tampering or bypassing the embedded license enforcement is a key enabler of piracy.
- Acresso (formerly Macrovision) is still the predominant system used by high value software vendors. In this sample of 83 releases, 73 percent, or 60 releases, used a version of the Acresso FLEXnet licensing system.
- The top five piracy groups (out of 212) contributed 59 percent of the cracked releases in the research sample. The top five most active groups in this sample were Lz0 (Linear Zero), NULL, Shooters, LND (Legends Never Die) and Magnitude.
- Strengthening licensing using hardware dongles or tamper resistant licensing may be useful for preventing overuse within a licensed customer environment, but it should not be viewed as a defense against overt piracy.
- When vulnerabilities or “key maker” approaches were not possible, the groups resorted to binary patches that successfully modified or bypassed the license enforcement process within the application files.
Three general approaches were visible in the application sample:
Binary patches, which accounted for 52 percent of the cracked releases. A binary patch is achieved by patching installed application files or replacing the application with modified versions provided within the crack distribution.
The Key Maker approach was used in 36 percent of the releases. A key maker approach is based on a successful reverse engineering process performed by the cracking community. The process is able to recover the vendor seed data and algorithms used by the application to verify and enforce the license.
Vulnerability, a general class of crack approaches that does not require tampering of the software, accounted for 12 percent of the cracked releases. This approach relies on vulnerabilities in the licensing system implementation to bypass enforcement.
To support this analysis, V.i. Labs identified and obtained crack releases of high-value software from piracy top sites, mid-tier piracy distribution channels and individuals advertising applications for sale.
These applications traditionally contain significant intellectual property and provide solutions and functionality in Architecture Engineering and Construction (AEC), Computer Aided Design (CAD), Computer Aided Machine (CAM), Computer Aided Engineering (CAE), Electronic Design Automation (EDA), Product Lifecycle Management (PLM), and other specialized engineering and scientific modeling and analysis.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.