Revulytics Blog

Initial Analysis Piracy Activity of EDA, PLM and CAD Software

July 15, 2008


Based on the trends that have been evident with piracy activity involving high value software vendors, we performed some initial analysis of crack release activity and group trends. This study focused on Electronic Design Automation (EDA) and Product Lifecycle Management (PLM) software vendors.


  • We used several crack release search engines that we authenticated using our partner, Internet Crimes Group (ICG). ICG's data revealed a one-for-one correspondence with actual release activity available through several NFO/Dupecheck search engines.
  • We selected leading EDA and PLM vendors (revenues approximately greater than $500M revenue in 2007) and examined release activity for 17 different companies or major product lines between 2005-2008 (including Agilent, ANSYS, Autodesk, Cadence Design, Dassault, The MathWorks, Mentor Graphics, National Instruments, PTC, Solidworks and UGS/Siemens).
  • We sampled ".NFO" files for individual releases to further authenticate data, but did download or install actual cracks or available images.


  • Using the search parameters above, we found 984 crack releases.
  • Of the total number of releases examined, 21% were EDA related and 79% PLM/CAD.
  • Across all releases, the total number of piracy groups involved were 44. Within the EDA category there were 14 groups and the PLM/CAD category showed much greater diversity at 40 groups.
  • Top piracy groups for EDA vendors were: ZWTiSO (34%), MAGNiTUDE (26%), LND (20%) representing over 80% of cracks.
  • Top piracy groups for PLM/CAD: TBE (39%), FoRTuNe (10%), MAGNiTUDE (9%) and release distributed across 36 groups (below 5%).

Piracy Activity for EDA, PLM and CAD Software

Figure 1: Major Groups Contributing to Releases

  • We specifically drilled down on release activity on the most active group: TBE (The Bitter End) which had 1,934 releases between April 2005 and July 2008, averaging over 500 releases a year.
  • As of July 2008 this group will have released 346 unique software releases with a run rate that will approach 700 within a year, the highest level since 2005 (630).

Initial Analysis:
Over the next few months we will expand this study to determine the relationship and trending on non-EDA/PLM software as well as the crack methods.

However, the above data reaffirms the organization and efficiency of some of these groups when it comes to enabling piracy for high value software. We believe that the group diversity as well as the increased release activity for the PLM software titles is related to larger end user applicability of this software and the fact that these titles are less services intensive when compared to EDA software.

TBE poses a significant threat to the PLM/CAD vendor community with over 300 releases alone in this category (compared to close to 2,000 total releases across all categories). By averaging 500 releases a year or 1.4 releases a day, they demonstrate significant throughput. This suggests that disabling licensing mechanisms within these titles has become more scripting and signature based with little reverse engineering required. It also may suggest that many vendors have not implemented methods to verify the authenticity of the license files (i.e. Counterfeit Resistance Option). Without this feature enabled, the piracy groups can simply distribute rogue license key generators to defeat licensing.

New Call-to-action

Activate Your Data-Driven Compliance Program

Add new license revenue by detecting, identifying and converting unpaid users into paying customers.

Victor DeMarines

Post written by Victor DeMarines

Vice President, Products & Strategy at Revulytics

Victor DeMarines brings extensive security product management and marketing experience to Revulytics, where he is responsible for product strategy and direction. He is a frequent speaker and author on topics including piracy, reverse engineering and the protection of intellectual property.