In part 6 of this multipart article we discussed the Rootkit. Recall from previous articles that the definition of malware is a type of software designed to take over or damage a computer, without the user’s knowledge or approval. Let’s discuss the Logic Bomb!
A logic bomb is any malware designed to execute only under predefined conditions. The malware stays dormant until the predefined condition is met.
A logic bomb uses a trigger activity to activate and carry out its task. For example, it may trigger on a specific date and time. Logic bombs usually do not self-replicate; however, “logic” can be built into any other malware that does self-replicate. These are sometimes known as “time-bombs”.
Some well-known cases in which logic bombs were used:
In February 2000, Tony Xiaotong, indicted before a grand jury, was accused of planting a logic bomb during his employment as a programmer and securities trader at Deutsche Morgan Grenfell. The bomb, planted in 1996, had a trigger date of July 20, 2000, but was discovered by other programmers in the company. Removing and cleaning up after the bomb allegedly took several months.
On March 20, 2013, an attack was launched against South Korea: a logic bomb struck machines “and wiped the hard drives and master boot records of at least three banks and two media companies simultaneously”. Symantec reported that the malware also contained a component that was capable of wiping Linux machines.
Logic bombs can be difficult to detect. The best defense? Prevention. Keep your systems updated with the latest patches for all software you run, and ensure you have the latest anti-virus software definition updates. Avoid clicking on links and opening attachments if you did not expect them to be sent.
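In the 1996 case above the bomb was found by other programmers, and a date-and-time trigger is something a source review can search for. The following Python code is an added example, not part of the original article: it flags comparisons against hard-coded dates, and the function names and the sample source are constructed for illustration.

```python
import ast

DATE_CTORS = {"date", "datetime"}  # constructor names from the datetime module


def _is_literal_date(node):
    """True for date(...)/datetime(...) calls whose arguments are all integer literals."""
    if not isinstance(node, ast.Call):
        return False
    func = node.func
    name = func.attr if isinstance(func, ast.Attribute) else getattr(func, "id", None)
    if name not in DATE_CTORS or len(node.args) < 3:
        return False
    return all(isinstance(a, ast.Constant) and isinstance(a.value, int) for a in node.args)


def find_hardcoded_date_checks(source):
    """Return sorted (line, code) pairs for each comparison against a hard-coded date."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Compare):
            operands = [node.left, *node.comparators]
            if any(_is_literal_date(op) for op in operands):
                findings.append((node.lineno, ast.unparse(node)))
    return sorted(findings)


# Constructed sample source for the reviewer to scan; not taken from any real incident.
SAMPLE = '''
from datetime import date, datetime
import datetime as dt

def nightly_job(today):
    if today >= date(2030, 1, 1):
        archive()
    if dt.datetime.now() > dt.datetime(2030, 6, 15, 3, 0):
        rotate()
    cutoff = date.today()
    if today < cutoff:
        skip()
'''

if __name__ == "__main__":
    for line, code in find_hardcoded_date_checks(SAMPLE):
        print(f"line {line}: {code}")
```

A hit is a prompt for a reviewer to ask why the date is there, not proof of malice; licence expiry checks and planned cut-over dates are flagged too.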
Stay tuned for our next article where we will cover SPYWARE.