That's brilliant. Make it as easy as possible for "cracked" versions of your product to contain malicious back doors, thus encouraging people to avoid the cracked copies and pay for a properly licensed one.
The downside for him may be that users don't really care whether they got a cracked version or a legitimate version when their computer gets infested with malware; they're going to write angry posts about it online and say his software is broken or broke their computer. So it may be in his brand's best interest to keep users from using malware versions, even if those users may deserve what they get.
The downside for him is that now the average user also has enough tips to crack the official trial by him/herself without risking downloading it from peer-to-peer or other unknown sites :)
I look at this as knowing my audience. I sell software for penetration tests and red team assessments (e.g., to hack into stuff; not check a box). The people who use my software easily have the skill set to do what I wrote about and defeat any anti-piracy measure I come up with. What to do? I think it's best to be very customer friendly, trust my audience, and make light of the 1337 cr4x0r who thinks they won a game I won't bother to play.
Nope... If his target audience were supposed to be the average consumer, then maybe this would be an interesting move. But it looks like his target audience is sufficiently sophisticated users. Those people will now realize that it is actually much easier to crack the trial software by themselves instead of getting it from elsewhere. BTW, this software costs a couple of grand PER user PER year. However, I remain skeptical about who wants this thing because (1) it requires social engineering and (2) there are much better and powerful and safer open source alternatives to run exploits.
(1) Social engineering is a key component of several high profile intrusions that happen today. The best way to help an organization understand their ability to detect, mitigate, and/or contain this type of attack is to do it.
(1a) Statements such as "it requires social engineering" [it's not a valid vector] represent a dated understanding of hacker tactics, and part of my work is to help folks with your view move their understanding forward. Usually the conversation is not a response to an adversarial comment like yours.
(2) Cobalt Strike builds on something called the Metasploit Framework. The Metasploit Framework is the largest open source collection of safe exploits. My product addresses gaps in this kit for executing attacks that mimic those high profile intrusions mentioned a moment ago. A successful operation requires more than an email with something bad attached.
(2a) Cobalt Strike's open source little sister is Armitage, a popular user interface and collaboration tool for the aforementioned "better and powerful and safer open source alternative to run exploits". I'm the developer of Armitage as well.
By "we", you mean technically savvy people. The number of us who need this software but don't make enough money to pay for it, or for some reason don't want to pay for it, is likely small enough to be ignored completely.