CyberGlossary

Malware

Logic Bomb

Also known as: Slag code, Conditional payload

Definition

Malicious code that lies dormant inside a program and activates its payload only when a specific logical condition is met.

A logic bomb is code embedded in a legitimate or trojanized application that triggers a destructive or unauthorized action when a precise condition occurs — a date, the absence of a particular user from payroll, the deletion of a database record, a hostname match, or arrival of a special command. Until that condition is true, the bomb stays inert, which makes detection through behavioural testing difficult. Logic bombs are classic insider-threat and sabotage tools, but also appear in supply-chain implants and time-delayed wipers. Defences include rigorous code review, segregation of duties, integrity monitoring, behavioural EDR, and revocation of access for departing personnel.
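As an aid to the code-review defence mentioned above, the following added example (not part of the original glossary entry) flags `if` statements whose test depends on a time, hostname or user value and whose branch reaches a destructive call. The trigger and sink name lists, the function names and the sample source are assumptions made for illustration.

```python
import ast

# Name lists are illustrative assumptions for this example, not a complete rule set.
TRIGGERS = {"datetime.now", "datetime.today", "date.today", "time.time",
            "socket.gethostname", "platform.node", "getpass.getuser", "os.getlogin"}
SINKS = {"os.remove", "os.unlink", "shutil.rmtree", "os.system",
         "subprocess.run", "subprocess.call", "subprocess.Popen"}

def _dotted(node):
    """Last two components of a call target, e.g. 'shutil.rmtree'."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts, node = parts + [node.attr], node.value
    parts += [node.id] if isinstance(node, ast.Name) else []
    return ".".join(reversed(parts[:2]))

def _calls(node, names):
    """Members of `names` that are called anywhere under `node`."""
    return {_dotted(c.func) for c in ast.walk(node) if isinstance(c, ast.Call)} & names

def find_conditional_sinks(source):
    """Sorted (line, trigger, sink) per `if` testing time/host/user with a destructive branch."""
    tree = ast.parse(source)
    tainted = {}  # variable -> trigger call it was assigned from (not scope-aware)
    for node in ast.walk(tree):
        hit = _calls(node.value, TRIGGERS) if isinstance(node, ast.Assign) else set()
        for target in (node.targets if hit else []):
            if isinstance(target, ast.Name):
                tainted[target.id] = min(hit)
    findings = []
    for node in (n for n in ast.walk(tree) if isinstance(n, ast.If)):
        names = {n.id for n in ast.walk(node.test) if isinstance(n, ast.Name)}
        triggers = _calls(node.test, TRIGGERS) | {tainted[v] for v in tainted.keys() & names}
        sinks = set().union(*(_calls(s, SINKS) for s in node.body + node.orelse))
        findings += [(node.lineno, t, s) for t in triggers for s in sinks]
    return sorted(findings)

# Constructed sample to review; the hostname is a placeholder.
SAMPLE = '''import os, shutil, socket, datetime
host = socket.gethostname()
def sync(data_dir, tmp):
    if os.path.isdir(tmp):
        shutil.rmtree(tmp)
    if host == "HOST-PLACEHOLDER":
        shutil.rmtree(data_dir)
    if datetime.datetime.now() > datetime.datetime(2030, 1, 1):
        os.remove(data_dir + "/index.db")
'''
print(find_conditional_sinks(SAMPLE))
```

Findings are prompts for a human reviewer rather than verdicts: the check only recognises module-qualified calls and does not follow values across function boundaries.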

Examples

  • A disgruntled DBA scripting deletion of records once their account is disabled.
  • Supply-chain code that triggers only when a specific customer hostname is detected.

Related terms