AVG Signal Blog Security Malware What Is a Logic Bomb Virus and How to Prevent It
What-is-a-logic-bomb-and-how-to-prevent-it-Hero

What is a logic bomb virus?

A logic bomb virus is a computer virus that contains a logic bomb, which is malicious code that triggers an attack when specific conditions are met. Positive conditions refer to something happening, like a program opening, while negative conditions refer to something not happening, like someone not logging in.

This article contains:

    Logic bombs are often installed by someone with high-level access, such as a system administrator. Such a person can cause mayhem by setting up logic bombs on multiple systems and programming them to “blow up” simultaneously when a certain event occurs, like when an employee is removed from the company’s salary database.

    Another name for a logic bomb is slag code, which refers to the manipulated code that makes an otherwise safe program harmful. Time bombs are a popular type of logic bomb, and sometimes the two terms are used interchangeably. Logic bombs are also sometimes called code bombs or cyber bombs.

    Whatever name is used, a logic bomb’s method of attack is clear: lie dormant in infected software until triggered. Common attacks involve corrupting data, deleting files, and clearing out hard drives.

    How does a logic bomb work?

    The way a logic bomb works depends on the bombmaker. Every logic bomb is unique, which is why they’re difficult to track. They’re usually customized to be as undetectable as possible. Logic bombs are often dressed up to look like a typical computer virus, or inserted into other types of malware such as worms. Worms and viruses are different, but logic bombs don’t care about the distinction: they can cause destruction via either one.

    Logic bombs are often installed by someone with high-level access, such as a system administrator. Such a person can cause mayhem by setting up logic bombs on multiple systems and programming them to “blow up” simultaneously when a certain event occurs.

    Is a logic bomb actually malware? Since logic bombs are part of other programs, no, but they do usually have malicious intent. That’s why logic bombs are so hard to detect. Though they often ride inside logic bomb viruses, logic bombs can be placed anywhere.

    Keep an eye out for anything strange, and ask an expert if you suspect your system is at risk. You might trigger a logic bomb without meaning to.

    The characteristics of a logic bomb virus

    All logic bomb viruses contain logic bombs, and all logic bombs share the following characteristics:

    • They lie dormant until triggered.

    • They carry an unknown payload, which is the part of the code that performs the attack.

    • They deliver the payload when a certain condition is met.

    Among other things, a logic bomb can deliver its payload when:

    • A specified amount of time elapses. 

    • A specific date occurs.

    • A certain transaction is processed.

    • A particular program opens.

    • Someone (for example, an admin) fails to log in.

    And a logic bomb’s potential payload may be designed to:

    • Corrupt data.

    • Wipe hard drives.

    • Delete files.

    • Siphon off funds.

    • Gather sensitive data.

    Logic bombs may be slow to reveal themselves, but very quickly they can explode into major problems.

    A logic bomb hides inside other software and launches a malicious attack when certain conditions are met

    Is a time bomb virus the same as a logic bomb virus?

    Time bombs are a subspecies of logic bombs. A normal logic bomb goes off when a certain event occurs or a particular condition is met, such as a specific sequence of keystrokes. A time bomb is a ticking logic bomb programmed to execute at a specified time or date. In other words, a logic bomb needs to be stepped on, so to speak, to explode, while a time bomb will explode no matter what, unless it’s stopped.

    “Time bomb malware” is sometimes used to refer to time bombs, though this is a bit of a misnomer. Just like logic bombs, time bombs hide inside various types of malware while not technically being malware themselves. A time bomb virus — also technically a misnomer — is nevertheless a term often used to refer to a virus carrying a time bomb.

    Removing malware also clears out any time bombs or logic bombs hiding inside. It’s impossible to know exactly where a bomb is lying in wait, but a robust antivirus program like AVG AntiVirus FREE will scan and investigate every corner of your computer so you don’t have to.

    Logic bomb and time bomb examples

    Logic bombs can subtly change a snippet of code so it appears technically normal-looking to an automated system searching for threats, while being ultra-fishy to a human. In 2016, a programmer caused spreadsheets to malfunction at a branch of the Siemens corporation every few years, so that they had to keep hiring him back to fix the problem. In this case, the humans didn’t even suspect anything until a lucky coincidence forced the malicious code out into the open.

    A time bomb is a type of logic bomb that triggers a malicious function at a specified time or date

    Companies can use logic bombs to hack you, too. In 2005, Sony got enmeshed in a scandal for releasing CDs that unleashed a logic bomb when inserted into a computer. The logic bomb on the CDs installed a rootkit that blocked the PC’s ability to copy the CDs. 

    Another high-profile case occurred in the early 2000s, when an employee at UBS Global, upset over a salary dispute, planted a time bomb that caused over three million dollars in damages. A very small piece of code can cause a very large amount of harm.

    In 2013, a time bomb attack in South Korea wiped the hard drives of several banks and broadcasting companies. The group responsible for the hack put the time bomb inside malware that ended up infecting over 32,000 systems. The bombs all went off at once, causing havoc across the country.

    Are there uses for a logic bomb that are not malicious?

    The term logic bomb applies only to malicious code. But the programming that stops trial software from working until you pay for it is, technically, a kind of time bomb. “Time bomb software” isn’t exactly a flattering term, so companies offer “trialware” instead. 

    A programmer could insert a snippet of code into any software to make it stop working for good reasons, such as when an unauthorized user logs in. If it helps instead of harms, it isn’t a logic bomb.

    How to prevent logic bomb attacks

    Hackers like packing logic bombs into viruses and malware, so general website safety is a solid first line of defense. By practicing good internet hygiene, you can keep your system clean.

    As a second line of defense, get quality antivirus software that can detect logic bombs in real time and remove them from your system. Wondering what’s the best free antivirus software out there? AVG’s incredibly robust malware removal tool comes packed with features to keep your machine safe and free of all kinds of malware.

    AVG AntiVirus FREE protects against all types of malware

    Without antivirus software, viruses and malware can slip into your device unnoticed. In the event that happens, learn how to get rid of a computer virus manually as well as how to remove a virus from your phone. This can be difficult if you aren’t too tech-savvy, and you may not find all the bugs and other remnants. That’s why automating your defenses with powerful antivirus software is so important.

    If all else fails, call in the experts. Our team of cybersecurity specialists here at AVG have built an app from the ground up that will disarm whatever malware is lurking in your machine. If you have valuable information you want to keep safe, don’t take any chances.

    Defend against logic bombs with AVG AntiVirus FREE

    When someone crafts a logic bomb, they mean business. Logic bombs are built to inflict maximum harm in the trickiest way possible. And they can hide inside a system for years only to do irreversible harm when they explode. 

    AVG AntiVirus FREE scans every nook and cranny of your device for threats, rejects unsafe links and attachments, and blocks viruses before they can infect your computer. And with real-time, 24-hour protection and automatic security updates, you’ll be safe around the clock.

    Protect your iPhone against security threats with AVG Mobile Security

    Free install

    Block logic bombs and prevent threats with AVG AntiVirus

    Free install