Logic bomb

A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as a salary database trigger), should they ever be terminated from the company.

Software that is inherently malicious, such as viruses and worms, often contains logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fools' Day. Trojans and other computer viruses that activate on certain dates are often called "time bombs".

To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. As an example, trial programs with code that disables certain functionality after a set time are not normally regarded as logic bombs.
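A review-time heuristic for the pattern described above (a payload gated on a clock or date condition), as an added example that is not part of the original article: it parses Python source and flags `if` statements whose test reads the clock and whose body calls a file-destroying function. The name lists, function names and sample source are assumptions constructed for illustration; an expiry check with no destructive payload, like the trial-program case, is not flagged.

```python
import ast

# Assumed, non-exhaustive name lists for this illustration; tune per code base.
CLOCK_CALLS = {"today", "now", "utcnow", "time", "localtime", "gmtime"}
DESTRUCTIVE_CALLS = {"remove", "unlink", "rmtree", "rmdir", "truncate"}

# Constructed sample input; it is parsed, never executed.
SAMPLE = '''
import datetime, shutil, sys

def nightly_cleanup(path):
    today = datetime.date.today()
    if today >= datetime.date(2031, 4, 1):
        shutil.rmtree(path)

def check_trial(expiry):
    if datetime.date.today() > expiry:
        sys.exit("trial period has ended")
'''

def called_names(node):
    """Names of every function or method called anywhere under node."""
    names = set()
    for n in ast.walk(node):
        if isinstance(n, ast.Call):
            f = n.func
            names.add(f.attr if isinstance(f, ast.Attribute) else getattr(f, "id", ""))
    return names

def find_time_gated_destruction(source):
    """Return [(line, clock_evidence, destructive_calls)] for suspicious ifs."""
    tree = ast.parse(source)
    # Variables assigned from a clock read; tracked file-wide, coarse but fine for triage.
    clock_vars = set()
    for n in ast.walk(tree):
        if isinstance(n, ast.Assign) and called_names(n.value) & CLOCK_CALLS:
            clock_vars |= {t.id for t in n.targets if isinstance(t, ast.Name)}
    findings = []
    for n in ast.walk(tree):
        if not isinstance(n, ast.If):
            continue
        used = {x.id for x in ast.walk(n.test) if isinstance(x, ast.Name)}
        clock = (called_names(n.test) & CLOCK_CALLS) | (used & clock_vars)
        hits = set().union(*(called_names(s) for s in n.body)) & DESTRUCTIVE_CALLS
        if clock and hits:
            findings.append((n.lineno, sorted(clock), sorted(hits)))
    return sorted(findings)

if __name__ == "__main__":
    print(find_time_gated_destruction(SAMPLE))
```

Matching is by bare call name, so a hit is a prompt for human review of that branch rather than proof of intent.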

Successful

Attempted

Alleged

Thomas C. Reed wrote in his 2004 book At the Abyss: An Insider's History of the Cold War that in 1982, a sabotage occurred on the Trans-Siberian Pipeline because of a logic bomb. According to Reed, a KGB operative stole the plans for a sophisticated control system and its software from a Canadian firm, for use on its Siberian pipeline. The Central Intelligence Agency (CIA) was tipped off by documents in the Farewell Dossier, and had the company insert a logic bomb in the program for sabotage purposes.[20][21] Critics have contested the authenticity of this account,[22][23] and it was reported that the story may be a hoax.[24]

Fictional

See also

Related Research Articles

Spyware is any software with malicious behavior that aims to gather information about a person or organization and send it to another entity in a way that harms the user by violating their privacy, endangering their device's security, or other means. This behavior may be present in malware and in legitimate software. Websites may engage in spyware behaviors like web tracking. Hardware devices may also be affected.

Timeline of computer viruses and worms: Computer malware timeline

This timeline of computer viruses and worms presents a chronological timeline of noteworthy computer viruses, computer worms, Trojan horses, similar malware, related research and events.

A key generator (key-gen) is a computer program that generates a product licensing key, such as a serial number, necessary to activate for use of a software application. Keygens may be legitimately distributed by software manufacturers for licensing software in commercial environments where software has been licensed in bulk for an entire site or enterprise, or they may be developed and distributed illegitimately in circumstances of copyright infringement or software piracy.

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence or the existence of other software. The term rootkit is a compound of "root" and the word "kit". The term "rootkit" has negative connotations through its association with malware.

Blaster (computer worm): 2003 Windows computer worm

Blaster was a computer worm that spread on computers running operating systems Windows XP and Windows 2000 during August 2003.

Gen Digital: Multinational software company

Gen Digital Inc. is a multinational software company co-headquartered in Tempe, Arizona and Prague, Czech Republic. The company provides cybersecurity software and services. Gen is a Fortune 500 company and a member of the S&P 500 stock-market index. The company also has development centers in Pune, Chennai and Bangalore. Its portfolio includes Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner.

Norton AntiVirus is an anti-virus or anti-malware software product founded by Peter Norton, developed and distributed by Symantec since 1990 as part of its Norton family of computer security products. It uses signatures and heuristics to identify viruses. Other features included in it are e-mail spam filtering and phishing protection.

Peter Norton Computing, Inc., was a software company founded by Peter Norton. The first and best known software package it produced was Norton Utilities. Another successful software package was Norton Commander, especially the DOS version. The company in this form lasted from its founding in 1982 until 1990, when it was acquired by Symantec.

Norton Utilities: Computer utility software

Norton Utilities is a utility software suite designed to help analyze, configure, optimize and maintain a computer. The latest version of the original series of Norton Utilities is Norton Utilities 16 for Windows XP/Vista/7/8, released 26 October 2012.

Xcitium, formerly known as Comodo Security Solutions, Inc., is a cybersecurity company headquartered in Bloomfield, New Jersey.

Jerusalem is a logic bomb DOS virus first detected at Hebrew University of Jerusalem, in October 1987. On infection, the Jerusalem virus becomes memory resident, and then infects every executable file run, except for COMMAND.COM. COM files grow by 1,813 bytes when infected by Jerusalem and are not re-infected. Executable files grow by 1,808 to 1,823 bytes each time they are infected, and are then re-infected each time the files are loaded until they are too large to load into memory. Some .EXE files are infected but do not grow because several overlays follow the genuine .EXE file in the same file. Sometimes .EXE files are incorrectly infected, causing the program to fail to run as soon as it is executed.

In computer software, a time bomb is part of a computer program that has been written so that it will start or stop functioning after a predetermined date or time is reached. The term "time bomb" does not refer to a program that stops functioning a specific number of days after it is installed; instead, the term "trialware" applies. Time bombs are commonly used in beta (pre-release) software when the manufacturer of the software does not want the beta version being used after the final release date. One example of time bomb software would be Microsoft's Windows Vista Beta 2, which was programmed to expire on May 31, 2007. The time limits on time bomb software are not usually as heavily enforced as they are on trial software, since time bomb software does not usually implement secure clock functions.

Kernel Patch Protection: Security feature of Microsoft Windows

Kernel Patch Protection (KPP), informally known as PatchGuard, is a feature of 64-bit (x64) editions of Microsoft Windows that prevents patching the kernel. It was first introduced in 2005 with the x64 editions of Windows XP and Windows Server 2003 Service Pack 1.

Computer virus: Computer program that modifies other programs to replicate itself and spread

A computer virus is a type of malware that, when executed, replicates itself by modifying other computer programs and inserting its own code into those programs. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus, a metaphor derived from biological viruses.

Albert Gonzalez: American computer hacker and criminal

Albert Gonzalez is an American computer hacker, computer criminal and police informer, who is accused of masterminding the combined credit card theft and subsequent reselling of more than 170 million card and ATM numbers from 2005 to 2007, the biggest such fraud in history. Gonzalez and his accomplices used SQL injection to deploy backdoors on several corporate systems in order to launch packet sniffing attacks which allowed him to steal computer data from internal corporate networks.

Zeus is a Trojan horse malware package that runs on versions of Microsoft Windows. It is often used to steal banking information by man-in-the-browser keystroke logging and form grabbing. Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation, it became more widespread in March 2009. In June 2009 security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Cisco, Amazon, and BusinessWeek. Similarly to Koobface, Zeus has also been used to trick victims of technical support scams into giving the scam artists money through pop-up messages that claim the user has a virus, when in reality they might have no viruses at all. The scammers may use programs such as Command prompt or Event viewer to make the user believe that their computer is infected.

Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsible for causing substantial damage to the nuclear program of Iran. Although neither country has openly admitted responsibility, multiple independent news organizations recognize Stuxnet to be a cyberweapon built jointly by the United States and Israel in a collaborative effort known as Operation Olympic Games. The program, started during the Bush administration, was rapidly expanded within the first months of Barack Obama's presidency.

Shamoon, also known as W32.DistTrack, is a modular computer virus that was discovered in 2012, targeting then-recent 32-bit NT kernel versions of Microsoft Windows. The virus was notable due to the destructive nature of the attack and the cost of recovery. Shamoon can spread from an infected machine to other computers on the network. Once a system is infected, the virus continues to compile a list of files from specific locations on the system, upload them to the attacker, and erase them. Finally the virus overwrites the master boot record of the infected computer, making it unusable.

Xbox Underground was an international hacker group responsible for gaining unauthorized access to the computer network of Microsoft and its development partners, including Activision, Epic Games, and Valve, in order to obtain sensitive information relating to Xbox One and Xbox Live.

References

  1. Man accused of crashing UBS servers | The Register
  2. "Nightmare On Wall Street: Prosecution Witness Describes 'Chaos' In UBS PaineWebber Attack - News by InformationWeek". Archived from the original on 28 October 2007. Retrieved 8 December 2006.
  3. Former UBS Computer Systems Manager Gets 97 Months for Unleashing "Logic Bomb" on Company Network Archived 30 September 2007 at the Wayback Machine
  4. "Government waging 'war' against people: Kim Zetter". Wired. Retrieved 3 April 2013.
  5. Lee, Se Young (20 March 2013). "South Korea raises alert after hackers attack broadcasters, banks: Se Young Lee". Reuters. Retrieved 3 April 2013.
  6. "Remote Linux Wiper Found in South Korean Cyber Attack". Symantec. Archived from the original on 24 March 2013. Retrieved 3 April 2013.
  7. "South Korean Banks and Broadcasting Organizations Suffer Major Damage from Cyber Attack". Symantec. Archived from the original on 24 March 2013. Retrieved 3 April 2013.
  8. "Siemens Contract Employee Intentionally Damaged Computers by Planting Logic Bombs into Programs He Designed". www.justice.gov. United States Department of Justice. 19 July 2019. Retrieved 9 September 2019.
  9. Cimpanu, Catalin. "Siemens contractor pleads guilty to planting logic bomb in company spreadsheets". ZDNet. Retrieved 9 September 2019.
  10. List, Jenny (6 December 2023). "The Deere Disease Spreads To Trains". Hackaday. Retrieved 6 December 2023.
  11. "O trzech takich, co zhakowali prawdziwy pociąg – a nawet 30 pociągów". Zaufana Trzecia Strona (in Polish). 5 December 2023. Retrieved 6 December 2023.
  12. "Man Indicted in Computer Case". The New York Times. 10 February 2000. pp. C.7.
  13. Vijayan, Jaikumar. "Unix Admin Pleads Guilty to Planting Logic Bomb". PC World. Archived from the original on 28 October 2007. Retrieved 22 September 2007.
  14. "2.5 Years in Jail for Planting 'Logic Bomb'". Slashdot. 9 January 2008.
  15. "Fannie Mae Contractor Indicted For Logic Bomb". Archived from the original on 20 June 2009. Retrieved 29 January 2009.
  16. Former Employee of Fannie Mae Contractor Convicted of Attempting to Destroy Fannie Mae Computer Data Archived 7 October 2010 at the Wayback Machine 4 October 2010
  17. Stephen C. Webster (31 December 2010). "Programmer jailed three years over plot to wipe out all of Fannie Mae's financial data". The Raw Story. Archived from the original on 8 May 2014. Retrieved 26 May 2012.
  18. TSA Worker Gets 2 Years for Planting Logic Bomb in Screening System 12 January 2011
  19. Springs man sent to prison for hacking into TSA computer Archived 15 December 2012 at the Wayback Machine 11 January 2011
  20. Reed, Thomas C. (2004). At the Abyss: An Insider's History of the Cold War. Random House Pub. ISBN 978-0-8914-1821-4.
  21. French, Matthew (26 April 2004). "Tech sabotage during the Cold War". Federal Computer Week. 1105 Media. Archived from the original on 3 April 2019. Retrieved 18 December 2013.
  22. Medetsky, Anatoly (18 March 2004). "KGB Veteran Denies CIA Caused '82 Blast". The Moscow Times. Archived from the original on 31 January 2016. Retrieved 30 July 2015.
  23. Hesseldahl, Arik; Kharif, Olga (10 October 2014). "Cyber Crime and Information Warfare: A 30-Year History". Bloomberg Business. p. 2. Retrieved 30 July 2015.
  24. Mackeown, Patrick (10 August 2006). "Bookscape: Short Story - Famous Computer Hoaxes". Bookscape. Archived on 13 November 2010.