To top
Company Company

Hackers Contest


Wibu-Systems has been organizing hackers' contests for many years to prove the strength of CodeMeter® security. We have hosted these events in Germany, Russia and China (with China and Russia known to have the highest piracy rates in the world) to prove that our products represent the pinnacle of secure licensing and intellectual property protection. No contestant has ever succeeded in cracking the sample application protected by CodeMeter.

Hackers' Contest 2011 in Russia

We held our most recent hackers' contest in Russia between November 23rd and December 8th, 2011. The participants were motivated by the 20,000 Euro, which would be rewarded to anyone who could crack the CodeMeter's protection. Access to the application needed to be attained without the use of a debugger. If a debugger was detected, the CmStick would lock the licensed software and stop it from being accessed any longer. CodeMeter once again proved its comprehensive abilities for protecting software. Not one of the 144 participants was able to crack the CodeMeter protected sample application. Our distribution partner in Russia – Rainbow Security – was thoroughly excited by the results especially when considering the number of encryption experts native to Russia. 

The bottom line: CodeMeter was successful again. 
CodeMeter was not cracked and not even partial solutions were attained.

Hackers' Contest 2010 in Shanghai

All Chinese-located contestants registered for the hackers' contest 2010 had a chance of winning the prize of 100,000 RMB. The Chinese competition started on October 20, 2010 and ended on November 19, 2010. The challenge was to crack the protected contest application and run without CmStick protecting it. Operating a contest under real-world conditions meant that the hackers would have access to the protection hardware. For this reason, each contestant received a CmStick.

The bottom line: CodeMeter was successful again. 
CodeMeter was not cracked and not even partial solutions were attained.

Hackers' Contest 2007

Wibu-Systems Contest: unbeaten for the fourth time

No protection system can be 100% secure but we will not stop fighting back. In the past, we have organised competitions at Wibu-Systems to test the security of our products. These competitions put a protected program up for cracking and revealed that the protection could not be cracked and the application could not be made to run without the matching license in the WibuBox. This practical test is serious and relevant to software manufacturers who want to publish protected software products for free download from their websites.
In our hackers' contest 2007, we went one step further. Not only did the participants receive the protected application, but also a CmDongle with the corresponding license. Over a thousand contestants entered the competition with prize money worth US$ 40,000 (approximately 32,750 Euro).

The Challenge

To win the contest the participants had to manipulate the software protected by CodeMeter to run without the CmDongle.

The two functions of the competition:

  • A program only executable with CmDongle
  • Function 1: Feature bit set in the CmDongle -> run
  • Function 2: Feature bit not set in the CmDongle
  • Both functions revealed a password


  • To find out the two passwords
  • To make the program completely executable without the CmDongle
  • To email the solution and the cracked program to Wibu-Systems


1092 contestants from 27 countries entered the contest and had up to six weeks to remove the copy protection and claim the attractive reward. Most contestants came from Germany, followed by China, USA, the Netherlands, Poland, Hungary, France, Great Britain, and the Ukraine.


Although the challenge was theoretically solvable, none of the contestants could fully remove the protection. Most of the contestants fell into the trap of trying to by-pass intruder detection and had their license locked on the CmStick. The only remaining option was to use brute force attacks to decrypt the code. The chance of breaking the 128-bit AES encryption was pracitically zero.

  • No one succeeded completely
  • No attack against the encryption was recorded
  • No attack against the hardware or manipulation of the Feature Map was recorded

Other contestants stumbled at other hurdles. The contest did produce some excellent partial solutions, which won the contestants prizes worth between 500 and 2,000 Euro. Hackers or crackers follow different paths to developers, and the partial solutions represented important input for Wibu-Systems. The partial winners discovered some previously undetected weaknesses in the system. Discovering these vulnerabilities allowed Wibu-Systems to strengthen its security capabilities.

  • Partial solutions
  • Partial memory dump
  • Partial record/playback approach
  • Partial solutions awarded with prizes worth 16,000 Euro

The Bottom Line

No security system is 100% secure, but a high level of security can be achieved with:

  • Secure Hardware: The CmDongle provides secure key storage and strong encryption in a smart card chip. The CodeMeter system includes crack detection to lock the license key.
  • Secure Integration Technology: The code and resources of the protected application are never fully decrypted in the main memory of the PC. Variable encryption, anti-debugging and obfuscation technologies as well as tools to individually integrate the source code are used to further increase security.

CodeMeter has never been cracked!