Logic bomb

From Wikipedia, the free encyclopedia

You have new messages (last change).
This article is about a type of malicious software code. For the psychedelic trance group, see Logic Bomb (band).

A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as the salary database), should he ever leave the company.[1]

Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Many viruses attack their host systems on specific dates, such as Friday the 13th or April Fool's Day. Trojans that activate on certain dates are often called "time bombs".

To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. As an example, trial programs with code that disables certain functionality after a set time are not normally regarded as logic bombs.

Contents

[edit] Historic logic bombs

In June 1992, a defense contractor General Dynamics employee, Michael Lauffenburger, was arrested for inserting a logic bomb that would delete vital rocket project data. It was alleged that his plan was to return as a highly paid consultant to fix the problem once it triggered. Another employee of the company stumbled upon the bomb before it was triggered. Lauffenburger was charged with computer tampering and attempted fraud and faced potential fines of $500,000 and jail time,[2] but was ultimately fined $5,000[3].

In February 2000, Tony Xiaotong, indicted before a grand jury, was accused of planting a logic bomb during his employment as a programmer and securities trader at Deutsche Morgan Grenfell. The bomb had a trigger date of 20 July 2000, and was discovered by other programmers in the company. Removing and cleaning up after the bomb allegedly took several months.

In June 2006 Roger Duronio, a disgruntled systems administrator for UBS PaineWebber was charged with using a "logic bomb" to damage the company's computer network, and with securities fraud for his failed plan to drive down the company's stock with activation of the logic bomb.[4][5][6] Duronio was later convicted and sentenced to 8 years and 1 month in prison, as well as a $3.1 million restitution to UBS.[7]

[edit] Fictional logic bombs

The Tom Clancy book Debt of Honor features a logic bomb installed in the code of various Stock Market computers.

Hugh Jackman in Swordfish claims to have "dropped a logic bomb through the trapdoor" while hacking into a Department of Defense network.

In the TV series Battlestar Galactica (2004+ TV series), the Cylons leave a logic bomb in the Galactica computers after briefly gaining access to them (season 2, episodes 1 & 9) .

[edit] See also

[edit] References

  1. ^ Man accused of crashing UBS servers
  2. ^ [1]
  3. ^ Logic bombs, Part 1
  4. ^ Man accused of crashing UBS servers | The Register
  5. ^ Nightmare On Wall Street: Prosecution Witness Describes 'Chaos' In UBS PaineWebber Attack - News byy InformationWeek
  6. ^ Are Background Checks Necessary For IT Workers? Ask UBS PaineWebber - VARBusiness
  7. ^ [2]
Retrieved from "http://en.wikipedia.org../../../l/o/g/Logic_bomb.html"