logic bombA ‘logic bomb’ is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.

For example, a programmer may hide a piece of code that starts deleting files, such as a salary database trigger, should they ever be terminated from the company.

Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fools' Day. Trojans that activate on certain dates are often called "time bombs".

To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. As an example, trial programs with code that disables certain functionality after a set time are not normally regarded as logic bombs.

A good example of a logic bomb represents the incident when in October 2005, Mark Russinovich discovered that Sony BMG had embedded a logic bomb in their music CDs which silently and without consent installed insecure software on their customers' computers. This software monitored and reported the listening habits of the customer. It also altered the operating system's access to their hardware. The remote access paths opened by the trojan were insecure and could be exploited by other malicious software. They distributed roughly 22 million of these CDs.

Another good example happened on 20 March 2013 in an attack launched against South Korea, a logic bomb struck machines and wiped the hard drives and master boot records of at least three banks and two media companies simultaneously. Symantec reported that the malware also contained a component that was capable of wiping Linux machines. (Source: Wikipedia)

By MediaBUZZ