Page 1 of 1
- FreeBooterSite Admin
OS : Windows 10
Arch. : x64 (64-bit)
Anti-Malware : ESET Smart Security
Posts : 1987
Rubies : 813783
Likes : 206
What is a Logic Bomb?
A logic bomb is code that has been inserted into otherwise normally functioning software that will activate when certain conditions are met. This could be something as simple as a certain date or time being reached, but it could be as complex as an employee being removed from an HR database or a system receiving a specific type of packet or logon.
Logic bombs that are taking action due to a date, time, or condition has often been integrated into other types of malware. One of most famous of these was the Michelangelo virus from the early 1990s, which was designed to destroy the contents of the first part of infected systems’ hard drives on March 6.
The logic bomb also designed to wait until you visit a website that requires you to log in with your credentials, such as a banking site or social network. Consequently, this will trigger the logic bomb to execute the keylogger and capture your credentials and send them to a remote attacker.
When a logic bomb is programmed to execute when a specific date is reached, it is referred to as a time bomb. Disgruntled employees have created time bombs to execute within their organizations’ networks and destroy as much data as possible in the event that they are terminated. The malicious code will remain dormant as long as the programmer exists in the organization’s payroll system.
Trap doors, also referred to as backdoors, are bits of code embedded in programs by the programmer(s) to quickly gain access at a later time, often during the testing or debugging phase. If an unscrupulous programmer purposely leaves this code in or simply forgets to remove it, a potential security hole is introduced. Hackers often plant a backdoor on previously compromised systems to gain later access. Trap doors can be almost impossible to remove in a reliable manner. Often, reformatting the system is the only sure way.
An attacker can plant the logic bomb via a variety of means on multiple platforms, such as hiding the malicious code in a script or deploying it on a SQL server. Logic bombs are difficult to prevent because they can be deployed from almost anywhere. For best results, the auto-protect and e-mail screening functions of the anti-virus program should be activated by the computer user whenever the machine is online. In a network, each computer should be individually protected, in addition to whatever protection is provided by the network administrator. There is unfortunately no way to prevent a well written logic bomb from damaging your system. This is one reason (among many) that having good backups of important data is so important.
Did you find this tutorial helpful? Don’t forget to share your views with us.
Create an account or log in to leave a reply
You need to be a member in order to leave a reply.
Page 1 of 1
Permissions in this forum:You cannot reply to topics in this forum