Zip bomb
From Wikipedia, the free encyclopedia
A zip bomb, also known as a Zip of Death, is a type of denial of service attack. Specifically, it is a malicious archive file that is designed to crash or render useless the program or system reading it. It is often employed to disable antivirus software, so that a more traditional virus sent afterwards could get through undetected.
Rather than hijacking the normal operation of the program, a zip bomb allows the program to work as intended, but the archive is carefully crafted so that unpacking it (e.g. by a virus scanner in order to scan for viruses) requires inordinate amounts of time, disk space or memory.
A zip bomb is usually a small file (up to a few hundred kilobytes) for ease of transport and to avoid suspicion. However, when the file is unpacked its contents are more than the system can handle.
The term was apparently first coined in July 2001, but the same technique has been used on dialup bulletin board systems at least as long as data-compressing archive programs have been around.[citation needed]
Today, most antivirus programs can detect whether a file is a zip bomb and so avoid unpacking it.
One example of a zip bomb was the file "42.zip", which was 42 kilobytes of compressed data, containing five layers of nested zip files for a total of 4.5 petabytes of uncompressed data.
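One way a scanner can avoid unpacking such an archive is sketched below as an added example, not code from the article or from any antivirus product. The three limits, the function names and the in-memory sample archives are assumptions made for the illustration.

```python
import io
import zipfile

# Assumed policy limits; tune them for the scanner's real workload.
MAX_TOTAL = 10 * 1024 * 1024  # uncompressed bytes allowed across all layers
MAX_RATIO = 100               # declared uncompressed/compressed size per member
MAX_DEPTH = 2                 # layers of archives nested inside archives

class ArchiveRejected(Exception):
    """Raised when an archive exceeds the unpacking policy."""

def scan_archive(data, depth=0, budget=None):
    """Inflate a zip held in memory under limits; return the bytes inflated."""
    budget = [MAX_TOTAL] if budget is None else budget
    if depth > MAX_DEPTH:
        raise ArchiveRejected("nested deeper than %d layers" % MAX_DEPTH)
    used = 0
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            # Cheap pre-check on the sizes recorded in the archive directory.
            if info.file_size > max(info.compress_size, 1) * MAX_RATIO:
                raise ArchiveRejected("%s: ratio above %d:1" % (info.filename, MAX_RATIO))
            # Hard stop: charge every inflated chunk to one shared budget.
            buf = bytearray()
            with zf.open(info) as member:
                while chunk := member.read(64 * 1024):
                    budget[0] -= len(chunk)
                    if budget[0] < 0:
                        raise ArchiveRejected("uncompressed size budget exhausted")
                    buf += chunk
            used += len(buf)
            if zipfile.is_zipfile(io.BytesIO(buf)):
                used += scan_archive(bytes(buf), depth + 1, budget)
    return used

def make_zip(name, payload):
    """Build a constructed sample archive in memory (test input only)."""
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return out.getvalue()

def verdict(data):
    """Return 'ok' or the rejection reason for one archive."""
    try:
        scan_archive(data)
        return "ok"
    except ArchiveRejected as exc:
        return str(exc)
```

Because the budget is shared across recursive calls, many small members or many nested layers are charged against the same total rather than each getting a fresh allowance.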
See also
- Busy beaver, a small program that produces maximum output before terminating

