Time Bomb

A time bomb is malicious code that activates when the system clock reaches a chosen date or time, or after a fixed delay since installation. The delay gives the operator predictable timing, makes the payload harder to associate with the initial breach, and allows backdoored software to ship without raising immediate alarms. Time bombs are used in sabotage, insider attacks, supply-chain implants and so-called "trial-ware" tampering. Detection benefits from static analysis flagging suspicious time comparisons, code review, network-time-protocol monitoring, anti-tampering controls and behavioural EDR that can catch sudden mass file modifications when the bomb fires.