A logic bomb is unwanted code that is inserted into a software program and triggered by the occurrence of a specific event. Until that event occurs, a logic bomb can appear harmless; it is only when the code comes to life that it executes its malicious instruction.
The aim of logic bombs is to cause damage to the system they’re running on, and they rely on a trigger to set them off. One of the common forms is the time-based logic bomb, also referred to as a time bomb. Its mode of operation is such that the action only occurs at a certain date and time.
As with viruses in general, some logic bombs are unwanted and harmful. However, this type of virus is more dangerous because it can go unnoticed and lie dormant for days, months, and I daresay longer before it is triggered. This makes things difficult for the user of the system, who is oblivious to the looming danger.
One positive is that logic bomb viruses can be detected and removed by quality antivirus programs. I mean QUALITY antivirus programs. Freeware antivirus programs may not cut it. Meanwhile, it must be understood that not all logic bombs are viruses.
HOW A LOGIC BOMB VIRUS WORKS
A logic bomb can pass for an incomplete virus until it’s paired with a trigger. Logic bomb viruses can be described as a set of instructions that constantly listen for the signal to execute what they have been programmed to do. The effect of the logic bomb ultimately depends on the intent with which it was designed and coded. Some common triggers for logic bombs include the following:
- Insertion or removal of a USB device
- The installation, launching or exiting of a specific software program
- Certain holiday periods or other special events
- When a certain command is entered into the computer.
Once triggered, the logic bomb virus unloads its malicious code, and the effect depends on the plan of the creator. Here are some possible effects of the malware:
- Passwords are stolen
- Corruption of system files
- The hard drive could be wiped clean
- Editing or deletion of files
- The system gets infected with numerous viruses, amongst other notable effects, to the detriment of the system and owner.
Meanwhile, a logic bomb can be temporarily disabled or disarmed. For instance, consider a scenario where the effect is the deletion of system files after a hard drive is removed from the computer. In this case, the creator can choose to reset it before the set time, and then postpone the action to a later day.
SOME LOGIC BOMB VIRUS EXAMPLES
- Revenge for job termination: An employee in charge of a company’s database could create a tool that monitors a database file containing the records of every employee in the system. He may then include a logic bomb that erases all the contents of the file but is set to go off only when his name or record is deleted. It could be set to launch at a later date to avoid suspicion and cover his tracks.
- Stealing a password: You may download a software program that carries out a specific task, but unknown to you, it comes with an underlying logic bomb that is set to go off when you visit a specific site, record your username and password, and send the details to the creator.
- Carrying out a DDoS attack: The unwanted code could be inserted into a program that is downloaded by thousands of folks. These programs communicate with each other to learn how many have been installed. Once a specific installation count is reached, the logic bomb virus goes off and is used in a DDoS attack to crash a website.
It must be noted that there are real-life examples of both successful and failed logic bomb attempts. Some of them are mentioned below:
- In 2013, a logic bomb virus was executed in two banks and three TV networks. Their files were deleted.
- In 2019, a software developer created a time-based logic bomb virus whose action was to stop the programs he developed for firms from working so that he would be contacted and re-hired to fix them.
- In 2006, a staff member of PaineWebber, an investment bank and brokerage firm, set up a logic bomb virus to erase the company’s servers after he was given a smaller bonus than he expected.
HOW LOGIC BOMBS CAN BE REMOVED AND PREVENTED
The tools that can be used to delete logic bomb viruses are the same as those used in the removal of other malware. There are many tools that can be installed on your computer to detect logic bomb viruses before they do damage. There are also tools that can scan your computer for viruses before it starts up.
Another good idea is backing up important data as the majority of logic bomb viruses serve to delete valuable data. This is a very good precautionary practice that should be embraced.
Another good way for businesses to curb the effect of logic bomb viruses is to restrict and limit user privileges on a system. Lower-level privileges should be given to users instead of admin rights.
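The time-based trigger described at the top of this article can also be looked for before software ships, during code review. The Python check below is an added example, not code from the original article; the `DESTRUCTIVE` and `CLOCK` watch lists, the function names, and the constructed `SAMPLE` source are assumptions chosen for illustration.

```python
import ast

# Assumed watch lists (not from the article); extend them for your code base.
DESTRUCTIVE = {"os.remove", "os.unlink", "os.rmdir", "shutil.rmtree"}
CLOCK = ("date.today", "datetime.now", "datetime.utcnow", "time.time")

# Constructed sample source. It is only parsed, never executed.
SAMPLE = '''
import datetime, shutil

def nightly_cleanup(tmp_dir):
    shutil.rmtree(tmp_dir)          # unconditional cleanup: not flagged

def export_report(data_dir):
    if datetime.date.today() >= datetime.date(2031, 1, 1):
        shutil.rmtree(data_dir)     # destructive call gated on the clock
    return "ok"
'''

def dotted(node):
    """Return 'a.b.c' for a Name/Attribute chain ('?' marks an unknown base)."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    parts.append(node.id if isinstance(node, ast.Name) else "?")
    return ".".join(reversed(parts))

def calls_in(nodes):
    """Dotted names of every call found under the given AST nodes."""
    return [dotted(n.func) for top in nodes for n in ast.walk(top)
            if isinstance(n, ast.Call)]

def find_time_triggers(source):
    """[(line, [calls])] for each `if` that reads the clock and deletes data."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.If):
            continue
        reads_clock = any(c.endswith(CLOCK) for c in calls_in([node.test]))
        hits = sorted({c for c in calls_in(node.body + node.orelse)
                       if c in DESTRUCTIVE})
        if reads_clock and hits:
            findings.append((node.lineno, hits))
    return findings

if __name__ == "__main__":
    print(find_time_triggers(SAMPLE))
```

A hit is a prompt for a human reviewer, not a verdict: legitimate retention or expiry jobs match the same pattern, and a trigger hidden behind indirection will not be caught by a check this simple.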
THE TRICK QUESTION: ARE ALL LOGIC BOMBS BAD?
If the effect of the logic bomb virus is malicious, then it is bad and can be classified as malware. However, this is not the case for all logic bombs.
There are some logic bombs that are designed to limit the usage of features of a software program after a specific number of days or after a specified number of usages.
This kind only serves to limit features based on a condition of usage, unlike the ones that delete files. I believe this can be likened to trial versions of software apps that allow usage for a specified number of days and then restrict the user so he can subscribe to a higher plan for further usage of all features.
A lot of anti-virus programs come with this kind of logic bomb built in. You’re given access to all features for a specified number of days. When the time limit elapses, some features are no longer accessible and you must then pay for full access to the software’s features. My guess is as good as yours. We’ve all used such programs.