If the developers and WHMCS would use Dynamic Key protection for their code, e.g. license queries could be secured so that they are not decrypted without the correct key. There is no 100% protection, but this option would make it more difficult for crackers. Pure ioncube encryption only provides moderate protection.
The Dynamic Key is not complicated, but unfortunately only few use it.
The decryption of WHMCS and/or modules is not only stupid for the developers, users of such programs gain a competitive advantage because they save costs and can offer their products accordingly cheaper.