A logic bomb is a program, or portion of a program, which lies dormant until a specific piece of program logic is activated. In this way, a logic bomb is very analagous to a real-world land mine.
The most common activator for a logic bomb is a date. The logic bomb checks the system date and does nothing until a pre-programmed date and time is reached. At that point, the logic bomb activates and executes it’s code.
A logic bomb could also be programmed to wait for a certain message from the programmer. The logic bomb could, for example, check a web site once a week for a certain message. When the logic bomb sees that message, or when the logic bomb stops seeing that message, it activates and executes it’s code.
A logic bomb can also be programmed to activate on a wide variety of other variables, such as when a database grows past a certain size or a users home directory is deleted.
The most dangerous form of the logic bomb is a logic bomb that activates when something doesn’t happen. Imagine a suspicious and unethical system administrator who creates a logic bomb which deletes all of the data on a server if he doesn’t log in for a month. The system administrator programs the logic bomb with this logic because he knows that if he is fired, he won’t be able to get back into the system to set his logic bomb. One day on his way to work, our suspicious and unethical system administrator is hit by a bus. Three weeks later, his logic bomb goes off and the server is wiped clean. The system administrator meant for the logic bomb to explode if he was fired; he did not forsee that he would be hit by a bus.
Because a logic bomb does not replicate itself, it is very easy to write a logic bomb program. This also means that a logic bomb will not spread to unintended victims. In some ways, a logic bomb is the most civilized programmed threat, because a logic bomb must be targeted against a specific victim.
The classic use for a logic bomb is to ensure payment for software. If payment is not made by a certain date, the logic bomb activates and the software automatically deletes itself. A more malicious form of that logic bomb would also delete other data on the system.