Close
Menu

hacker_mask

From 42 Kilobytes to 4.5 Petabytes

A zip bomb, also known as a zip of death or decompression bomb, is a malicious archive file designed to crash the program or system reading it. It is often employed to disable antivirus software, in order to create an opening for more traditional viruses.

Rather than hijacking the normal operation of the program, a zip bomb allows the program to work as intended, but the archive is crafted such, that unpacking it (e.g. by a virus scanner in order to scan for viruses) requires inordinate amounts of time, disk space or memory. Most modern antivirus programs can detect whether a file is a zip bomb, to avoid unpacking it.

What kind of data is stored in it?

Data stored in the zip bomb does not matter at all. It could be absolutely random text. The reason the zip bomb is so nasty is the methods used to assemble the layered zipped files.

What can it do?

This 42 kb file contains many recursively zipped interior files, each containing recursively zipped files so that the unpacking of this tiny zipped container:

  1. Consumes most or all of your system's resources like memory and processing power
  2. Expands to a ridiculous size consuming physical storage
  3. Duplicates themselves many times
  4. Distracts your system allowing a more active virus to sneak by

Once you have 165 number of files and each expands in its final iteration to be huge, it becomes a sad day for computing at your house!

If these files were objects in the real world you could think of it like-

  • You receive a small package with a painted wooden doll which contains other wooden dolls inside. Except in this case, when you open the doll, it contains 16 other dolls which also grow to become identical in shape and size.
  • And each of those contains another 16 dolls. This goes on for 5 dolls deep… 16 dolls x 16 dolls x 16 dolls x 16 dolls 16 dolls. (You can see how this would engage many threads and all of your systems resources.)
  • And then, surprise, last doll in each of the final containers grows to be 5 times the size of your house….that is what is happening in Zip42.
  • And while you are watching these dolls reproduce and take over your house, some one runs in through the back door and steals your television.

    i.e. the "intended" virus sneaks by ...while the zip bomb is unpacking

The use of zip-bomb is immoral & unethical.