Logic bombs are often installed by someone with high-level access, such as a system administrator. Such a person can cause mayhem by setting up logic bombs on multiple systems and programming them to “blow up” simultaneously when a certain event occurs, like when an employee is removed from the company’s salary database.
Another name for a logic bomb is slag code, which refers to the manipulated code that makes an otherwise safe program harmful. Time bombs are a popular type of logic bomb, and sometimes the two terms are used interchangeably. Logic bombs are also sometimes called code bombs or cyber bombs.
Whatever name is used, a logic bomb’s method of attack is clear: lie dormant in infected software until triggered. Common attacks involve corrupting data, deleting files, and clearing out hard drives.
How does a logic bomb work?
The way a logic bomb works depends on the bombmaker. Every logic bomb is unique, which is why they’re difficult to track. They’re usually customized to be as undetectable as possible. Logic bombs are often dressed up to look like a typical computer virus, or inserted into other types of malware such as worms. Worms and viruses are different, but logic bombs don’t care about the distinction: they can cause destruction via either one.
Logic bombs are often installed by someone with high-level access, such as a system administrator. Such a person can cause mayhem by setting up logic bombs on multiple systems and programming them to “blow up” simultaneously when a certain event occurs.
Is a logic bomb actually malware? Since logic bombs are part of other programs, no, but they do usually have malicious intent. That’s why logic bombs are so hard to detect. Though they often ride inside logic bomb viruses, logic bombs can be placed anywhere.
Keep an eye out for anything strange, and ask an expert if you suspect your system is at risk. You might trigger a logic bomb without meaning to.
The characteristics of a logic bomb virus
All logic bomb viruses contain logic bombs, and all logic bombs share the following characteristics:
They lie dormant until triggered.
They carry an unknown payload, which is the part of the code that performs the attack.
They deliver the payload when a certain condition is met.
Among other things, a logic bomb can deliver its payload when:
A specified amount of time elapses.
A specific date occurs.
A certain transaction is processed.
A particular program opens.
Someone (for example, an admin) fails to log in.
And a logic bomb’s potential payload may be designed to:
Wipe hard drives.
Siphon off funds.
Gather sensitive data.
Logic bombs may be slow to reveal themselves, but very quickly they can explode into major problems.
Is a time bomb virus the same as a logic bomb virus?
Time bombs are a subspecies of logic bombs. A normal logic bomb goes off when a certain event occurs or a particular condition is met, such as a specific sequence of keystrokes. A time bomb is a ticking logic bomb programmed to execute at a specified time or date. In other words, a logic bomb needs to be stepped on, so to speak, to explode, while a time bomb will explode no matter what, unless it’s stopped.
“Time bomb malware” is sometimes used to refer to time bombs, though this is a bit of a misnomer. Just like logic bombs, time bombs hide inside various types of malware while not technically being malware themselves. A time bomb virus — also technically a misnomer — is nevertheless a term often used to refer to a virus carrying a time bomb.
Removing malware also clears out any time bombs or logic bombs hiding inside. It’s impossible to know exactly where a bomb is lying in wait, but a robust antivirus program like AVG AntiVirus FREE will scan and investigate every corner of your computer so you don’t have to.
Logic bomb and time bomb examples
Logic bombs can subtly change a snippet of code so it appears technically normal-looking to an automated system searching for threats, while being ultra-fishy to a human. In 2016, a programmer caused spreadsheets to malfunction at a branch of the Siemens corporation every few years, so that they had to keep hiring him back to fix the problem. In this case, the humans didn’t even suspect anything until a lucky coincidence forced the malicious code out into the open.
Companies can use logic bombs to hack you, too. In 2005, Sony got enmeshed in a scandal for releasing CDs that unleashed a logic bomb when inserted into a computer. The logic bomb on the CDs installed a rootkit that blocked the PC’s ability to copy the CDs.
Another high-profile case occurred in the early 2000s, when an employee at UBS Global, upset over a salary dispute, planted a time bomb that caused over three million dollars in damages. A very small piece of code can cause a very large amount of harm.
In 2013, a time bomb attack in South Korea wiped the hard drives of several banks and broadcasting companies. The group responsible for the hack put the time bomb inside malware that ended up infecting over 32,000 systems. The bombs all went off at once, causing havoc across the country.
Are there uses for a logic bomb that are not malicious?
The term logic bomb applies only to malicious code. But the programming that stops trial software from working until you pay for it is, technically, a kind of time bomb. “Time bomb software” isn’t exactly a flattering term, so companies offer “trialware” instead.
A programmer could insert a snippet of code into any software to make it stop working for good reasons, such as when an unauthorized user logs in. If it helps instead of harms, it isn’t a logic bomb.
How to prevent logic bomb attacks
Hackers like packing logic bombs into viruses and malware, so general website safety is an important first line of defense. By practicing good internet hygiene, you can help keep your system clean. But when it comes to logic bomb prevention, you need a layered, sophisticated approach.
Here are the most important steps you can take to prevent logic bombs:
Use antivirus software
The best form of protection is quality antivirus software that can detect logic bombs in real time and remove them from your system. Wondering what’s the best free antivirus software out there? AVG’s incredibly robust malware removal tool comes packed with features to keep your machine safe and free of all kinds of malware.
Keep antivirus software up to date
Without updated antivirus software, viruses and malware can still slip into your device unnoticed. In the event that happens, learn how to get rid of a computer virus manually as well as how to remove a virus from your phone. This can be difficult if you aren’t too tech-savvy, and you may not find all the bugs and other remnants. That’s why automating your defenses with powerful antivirus software that keeps itself up to date is so important.
Scan all files
Logic bombs are often hidden in places you wouldn’t necessarily expect to find malware, such as nestled within compressed files. So one of the best ways to detect and defend against logic bomb attacks is to scan incoming files including downloads, attachments, and USB imports. Likewise, you’ll need to run a full antivirus scan (rather than a quick scan option) to catch logic bombs already embedded within your system.
Avoid pirated software
Using pirated software isn’t just illegal — it’s dangerous. When you buy licensed software from a reputable vendor, you can be sure it’s safe and that malware isn’t lurking in the depths of its code. That’s certainly not the case for cracked software that’s been tampered with by a hacker. In fact, pirated software is one of the most popular vectors for delivering logic bombs and other malware.
Beware of phishing emails
Phishing emails aren’t always tech support scams or other fraudulent ploys. Sometimes they’re designed to trick you into clicking a link or opening an attachment that contains malware. Learning how to spot and avoid phishing attacks is one of the most important ways that you can shield your device from logic bombs and other harmful software.
Never trust unsecured web links
If you ever click a link and receive a “Your connection is not private” error, that means your browser isn’t able to authenticate the website the link is directing you to. This should be a major red flag not to proceed. Not only could it be a fake web page containing malware, but your connection wouldn't benefit from SSL protection, meaning your internet data would be vulnerable to man-in-the-middle attacks or other hacks.
Defend against logic bombs with AVG AntiVirus FREE
When someone crafts a logic bomb, they mean business. Logic bombs are built to inflict maximum harm in the trickiest way possible. And they can hide inside a system for years only to do irreversible harm when they explode.
AVG AntiVirus FREE scans every nook and cranny of your device for threats, rejects unsafe links and attachments, and blocks viruses before they can infect your computer. And with real-time, 24-hour protection and automatic security updates, you’ll be safe around the clock.