A logic bomb, also called slag code, is malware that is activated in response to an event. For instance, launching an application or reaching a specific date/time can trigger the logic bomb to start running on a computer. Online fraudsters make use of logic bomb malware in a variety of ways. Attackers usually embed the code within a bogus application, or Trojan horse, and it automatically executes whenever the user launches the fake software.
Online criminals may try deploying a mixture of spyware and logic bombs in an attempt to steal a user’s identity. For instance, spyware is used by online fraudsters to covertly install a keylogger on a computer. The keylogger captures the user’s keystrokes, usually usernames and passwords, and sends them back to the remote attacker who implanted it.
With a logic bomb, however, the malware waits for the user to visit a website that requires logging in with credentials, such as a banking site or social network. At that point, the logic bomb automatically executes the keylogger, which captures the user’s credentials and sends them back to the creator.
South Korea Logic Bomb Malware Attack
A malware attack in South Korea wiped the hard drives of computers belonging to banks and broadcasting companies. A security firm in the U.S. later identified a logic bomb in the code. The malware dictated the date and time at which to erase the data from the machines, coordinating the destruction across multiple victims.
The logic bomb attack wiped the hard drives and master boot records of at least three banks and two media companies simultaneously. It also put a few ATMs out of operation, preventing South Koreans from withdrawing cash.
How to prevent logic bombs?
Logic bombs are hard to prevent because they can be deployed from anywhere. A remote attacker can plant a logic bomb in numerous ways on multiple platforms by hiding the malicious code in a script or deploying it on a SQL server.
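A review heuristic for the script and SQL cases mentioned above, as an added example that is not part of the original article: it flags a conditional date/time check that is followed within a few lines by a destructive command. The patterns, the function name and the sample inputs are constructed assumptions, and a match is a prompt for human review rather than proof of a logic bomb.

```python
import re

# Heuristic patterns: assumptions for this example, not an exhaustive list.
TIME_SOURCE = re.compile(
    r"\bdate\s+\+%|\bGETDATE\s*\(|\bCURRENT_DATE\b|\bGet-Date\b", re.IGNORECASE)
CONDITION = re.compile(r"\b(?:if|when|while|case)\b", re.IGNORECASE)
DESTRUCTIVE = re.compile(
    r"\brm\s+-\w*[rf]|\bshred\b|\bmkfs|\bRemove-Item\b|\bDROP\s+TABLE\b"
    r"|\bTRUNCATE\s+TABLE\b|\bDELETE\s+FROM\b", re.IGNORECASE)

def find_time_gated_actions(text, window=5):
    """Return 1-based (condition_line, action_line) pairs where a conditional
    that reads the clock is followed within `window` lines by a destructive command."""
    lines = text.splitlines()
    findings = []
    for i, line in enumerate(lines):
        if not (CONDITION.search(line) and TIME_SOURCE.search(line)):
            continue
        for j in range(i, min(i + window + 1, len(lines))):
            if DESTRUCTIVE.search(lines[j]):
                findings.append((i + 1, j + 1))
                break
    return findings

# Constructed sample inputs (not taken from any real incident).
SAMPLE_SHELL = "\n".join([
    "#!/bin/sh",
    "# nightly report job",
    "generate_report",
    'if [ "$(date +%Y%m%d)" -ge 20990101 ]; then',
    "    rm -rf /srv/example-records",
    "fi",
])
SAMPLE_SQL = "\n".join([
    "-- stored procedure body",
    "UPDATE example_accounts SET checked = 1;",
    "IF GETDATE() >= '2099-01-01'",
    "    DELETE FROM example_accounts;",
])
SAMPLE_BENIGN = "\n".join([
    "stamp=$(date +%Y%m%d)",
    'tar czf "/var/backups/logs-$stamp.tgz" /var/log/app',
    "rm -f /var/log/app/*.old",
])

if __name__ == "__main__":
    for name in ("SAMPLE_SHELL", "SAMPLE_SQL", "SAMPLE_BENIGN"):
        print(name, find_time_gated_actions(globals()[name]))
```

The benign sample uses both the clock and a delete but is not flagged, because the delete is not gated on a time condition.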
In companies, allocation of duties may offer protection against logic bombs. When employee access is limited to specific files and folders, a potential attacker is exposed when attempting to deploy a logic bomb, and this may deter the person from carrying out the attack.
Today, many companies maintain a business continuity and disaster recovery plan. This approach includes processes such as data backups and recovery. If an unanticipated logic bomb attack purges important data, the company can implement the disaster recovery plan. Some of the necessary steps to recover from the attack are listed here; go through them carefully.
- Never download pirated software – cybercriminals implant logic bombs using such software.
- Make sure that the shareware/freeware applications that you install are from a trusted source, since logic bombs can be embedded within Trojan horses.
- Email attachments may carry logic bomb malware, so be extra careful when opening email attachments.
- Apply patches to all the software installed on the computer whenever they are released.
- Never visit untrusted web links because clicking on an unsafe link may direct you to an infected website.
- Install a robust antivirus program like Comodo Antivirus because it easily detects malware such as Trojan horses.