(also decompression bomb, zip of death)
Zip bomb definition
A malicious compressed file designed to crash the system trying to unarchive it. It is typically used to overwhelm the device’s security mechanisms so they’re unable to detect actual malicious software entering the device. It can also be used to crash a system entirely because unpacking the archive takes up a lot of the device’s computing power and storage.
Zip bomb example
42.zip is the most famous zip bomb. The file takes up only 42 kilobytes when compressed. When unpacked, it explodes into 4.5 petabytes of data, or 4,500,000 gigabytes. The file is so well known that it is no longer used for malicious purposes: modern antivirus software immediately recognizes it, and people can download it themselves for research.
How to prevent zip bombs
- Don’t unarchive unknown .zip files.
- Change how files are unarchived on your device, and opt for linear unpacking.
- Use modern antivirus software.
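One way a service that accepts uploads can apply these precautions in code, as an added example that is not part of the original page: it checks the archive's directory before unpacking and enforces a hard byte budget while unpacking. The limits, function names and sample archives are assumptions constructed for this illustration.

```python
import io
import zipfile

# Limits are assumptions for this example; tune them to your workload.
MAX_TOTAL_BYTES = 10 * 1024 * 1024   # cap on total unpacked size
MAX_RATIO = 100                      # cap on unpacked/packed ratio per entry
ARCHIVE_SUFFIXES = (".zip", ".gz", ".7z", ".rar")

def build_zip(name: str, payload: bytes) -> bytes:
    """Constructed sample input: a one-entry DEFLATE archive held in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()

def inspect_zip(data: bytes) -> list[str]:
    """Check the archive's directory only; return reasons to refuse it."""
    problems = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
        if sum(i.file_size for i in infos) > MAX_TOTAL_BYTES:
            problems.append("declared size over limit")
        for i in infos:
            if i.file_size > MAX_RATIO * max(i.compress_size, 1):
                problems.append(f"ratio over limit: {i.filename}")
            # Layered bombs hide archives inside archives; do not recurse.
            if i.filename.lower().endswith(ARCHIVE_SUFFIXES):
                problems.append(f"nested archive: {i.filename}")
    return problems

def bounded_read(data: bytes) -> dict[str, bytes]:
    """Unpack into memory, counting bytes actually produced while streaming."""
    out, total = {}, 0
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            chunks = []
            with zf.open(info) as fh:
                while chunk := fh.read(64 * 1024):
                    total += len(chunk)
                    if total > MAX_TOTAL_BYTES:
                        raise ValueError("unpacked size limit exceeded")
                    chunks.append(chunk)
            out[info.filename] = b"".join(chunks)
    return out

if __name__ == "__main__":
    print(inspect_zip(build_zip("zeros.bin", b"\0" * (1024 * 1024))))
```

The sizes in the archive's directory are written by whoever built the file, so the pre-check is a cheap filter and the streaming byte count is the limit that actually holds.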