What is a logic bomb?

D2 · Threats · CompTIA Security+ SY0-701
A logic bomb is malicious code secretly inserted into software that remains dormant until specific triggering conditions are met, then executes a destructive payload.

Triggers: a specific date/time, a user action, a file being accessed or deleted, or a login event.

Example: A disgruntled employee plants code that deletes the database if their username is removed from the system (i.e., when they're fired).

Logic bombs are often planted by insiders (disgruntled employees or contractors).
Logic bombs are an insider threat tool. They're hard to detect because they look like normal code until triggered. Defenses: code review, separation of duties, least privilege, monitoring for unusual scheduled tasks or code changes. Often discovered after the damage is done.
โ† Back to Glossary Practice Questions โ†’