Friday, July 07, 2006

what is a logic bomb?

a logic bomb is a piece of malware that waits for some logical condition to be met on the affected computer before carrying out its malicious behaviour...

the condition a logic bomb waits for could be anything measurable/detectable within the computer - a specific key or combination of keys being pressed, the existence of a file, the free space on the drive being equal to some predetermined value...

the best known condition used in logic bombs, however, is the system time being equal to (or greater than, sometimes) a specific date/time... logic bombs that trigger on system time are a subcategory known as time bombs. they are the best known because time-based triggers are quite reliable (more so than waiting for a key combination that may never be typed) and relatively easy to implement, so they have historically been used the most by malware writers when implementing logic bomb functionality (or payloads, as they're often called when attached to some other class of malware)...
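from a code reviewer's side, the time bomb condition described above (system time compared against a fixed date) can be searched for in source code. the following is an added example, not part of the original post: a small python `ast` check that flags such comparisons. the function names, the sets of call names it treats as clock reads and date constructors, and the sample input are all assumptions made for illustration.

```python
import ast

# assumption: calls ending in these names are treated as reading the system clock
CLOCK_CALLS = {"now", "utcnow", "today", "time"}
# assumption: these constructors, given only literal arguments, are hard-coded dates
DATE_CTORS = {"datetime", "date"}


def _call_name(node):
    """Return the final name of a call target, e.g. 'now' for datetime.now()."""
    if not isinstance(node, ast.Call):
        return None
    return getattr(node.func, "attr", None) or getattr(node.func, "id", None)


def _reads_clock(expr):
    return any(_call_name(n) in CLOCK_CALLS for n in ast.walk(expr))


def _is_fixed_date(expr):
    return any(_call_name(n) in DATE_CTORS and n.args
               and all(isinstance(a, ast.Constant) for a in n.args)
               for n in ast.walk(expr))


def find_time_triggers(source):
    """Return (line, operator) for each comparison of the clock to a fixed date."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Compare):
            continue
        sides = [node.left] + node.comparators
        if any(map(_reads_clock, sides)) and any(map(_is_fixed_date, sides)):
            hits.append((node.lineno, type(node.ops[0]).__name__))
    return sorted(hits)


# constructed sample input, not taken from any real program
SAMPLE = '''\
from datetime import datetime
def nightly(job):
    started = datetime.now()
    if datetime.now() >= datetime(2006, 7, 7):
        job.run()
    if datetime.now() > started:
        job.log()
'''
```

`find_time_triggers(SAMPLE)` reports line 4 only, since line 6 compares the clock to a runtime value rather than a fixed date. a hit is a prompt for a human to read the branch, because legitimate code such as licence expiry checks has the same shape.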
