Time Bomb
What is Time Bomb?
Time BombA type of logic bomb whose triggering condition is a specific date, time, or elapsed interval rather than another logical event.
A time bomb is malicious code that activates when the system clock reaches a chosen date or time, or after a fixed delay since installation. The delay gives the operator predictable timing, makes the payload harder to associate with the initial breach, and allows backdoored software to ship without raising immediate alarms. Time bombs are used in sabotage, insider attacks, supply-chain implants and so-called "trial-ware" tampering. Detection benefits from static analysis flagging suspicious time comparisons, code review, network-time-protocol monitoring, anti-tampering controls and behavioural EDR that can catch sudden mass file modifications when the bomb fires.
● Examples
- 01
The Michelangelo virus, which activated annually on 6 March.
- 02
Insider code set to delete records 30 days after a layoff.
● Frequently asked questions
What is Time Bomb?
A type of logic bomb whose triggering condition is a specific date, time, or elapsed interval rather than another logical event. It belongs to the Malware category of cybersecurity.
What does Time Bomb mean?
A type of logic bomb whose triggering condition is a specific date, time, or elapsed interval rather than another logical event.
How do you defend against Time Bomb?
Defences for Time Bomb typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Time Bomb?
Common alternative names include: Date-triggered bomb, Timer payload.