What Is A Decompression Bomb and How Does It work?

What is a Decompression Bomb?

A decompression bomb or zip bomb is a malicious archive file that contains a lot of repeated data that can crash the program reading it. Also known as the ‘zip of death’, a zip bomb is often used to render an antivirus program useless, so that more traditional viruses can gain entry into a system.

A computer virus, commonly referred to as a ‘virus’, is a type of malware program that attaches itself to an executable program or a file and subsequently travels through other programs and files, infecting files in its wake.

virus malware

Once executed, a virus can harm your computer in many ways; it can replicate files and folders, increase CPU load drastically, steal hard disk space, corrupt data, spam contacts, and do other such unpleasant things. You can read more about computer viruses, malware, trojan horses etc. in this article in more detail.

As you might already know, not all computer viruses are the same. In fact, there are hundreds upon hundreds of types of viruses, which differ in the way they are executed, the way they affect their ‘host’ system and the kind of damages that they cause.

‘The file is a decompression bomb’

While running an antivirus scan on your computer, you may have seen a warning displayed by your antivirus program announcing that ‘the file is a decompression bomb’.

the file is decompression bomb

The infamous error shown by a popular antivirus program.

Now, two questions may arise in your head upon reading such an alert by your antivirus program: first, what in the world is a ‘decompression bomb’? Is it a virus? And second, why can’t the antivirus program scan it?

As mentioned earlier, a decompression bomb is a zip file that is so highly compressed that when it’s actually decompressed on a system, it takes up a huge amount of disk space. In fact, in most cases, the decompression of such ‘zip bombs’ takes such a long time that the antivirus program crashes, and the ‘host’ system follows suit.

A decompression bomb may be a zip file, a compressed installation file or even a certain program .exe file that wreaks havoc on your system as soon as you decompress it. There’s one very popular zip bomb – a zip file that goes by the title ‘42.zip’: the file itself is just a few kilobytes, but when decompressed, it consumes 4.5 petabytes’ worth of space on the disk! (Source)

Decompression bomb activated meme

A zip bomb simply exploits the process of compression. Suppose, you had a data that looked something like:

thor thor thor thor thor thor thor thor thor thor thor thor

During compression, it would be written simply as thor*12. This sort of ‘shortening’ would obviously save a lot of space, and therefore, the size of the compressed file would be very small. But when decompressed, the size of the file would be unimaginably high… so high that you may run out of storage space on your system, and still not be able to decompress it completely!

Is a decompression bomb (zip bomb) a virus?

Not necessarily…

You see, a decompression bomb is certainly a malicious archive file designed to crash or render useless the host system so that ‘headway’ is made for more traditional viruses to do their damage. However, a decompression bomb, all by itself, doesn’t cause any damage to the system, at least not in the way a traditional computer virus does.

Rather than hijacking the normal operation of the program, as normal computer viruses usually do, a decompression bomb actually allows the system to do its job as it’s designed. The only catch is that the zip bomb contains so much compressed data that unpacking it requires excessively massive amounts of memory, disk space and time.

when you open a zip bomb

Related Articles
Related Articles

Ultimately, zip bombs are harmful to the system because they make the ‘environment’ of a computer more conducive for an attack by traditional viruses. Thankfully, modern (and good) antivirus programs can detect whether a file is a zip bomb, and alert the user so they don’t try to unpack it.

Even so, the next time you encounter a suspicious zip file titled ’42.zip’, it would be best to leave it alone. Deleting it wouldn’t hurt either.

Help us make this article better
About the Author

Ashish is a Science graduate (Bachelor of Science) from Punjabi University (India). He spends a lot of time watching movies, and an awful lot more time discussing them. He likes Harry Potter and the Avengers, and obsesses over how thoroughly Science dictates every aspect of life… in this universe, at least.

Science ABC YouTube Videos

  1. Digestive System: Ingestion to Egestion Explained in Simple WordsDigestive System: Ingestion to Egestion Explained in Simple Words
  2. What is Radioactivity and Is It Always Harmful: Explained in Really Simple WordsWhat is Radioactivity and Is It Always Harmful: Explained in Really Simple Words
  3. What is DNA and How Does it Work?What is DNA and How Does it Work?
  4. Grandfather Paradox: Explained in Simple WordsGrandfather Paradox: Explained in Simple Words
  5. What are Mutations and what are the different types of Mutations?What are Mutations and what are the different types of Mutations?
  6. Gravitational Lensing: What It Is And How It Is Helping Us Discover New GalaxiesGravitational Lensing: What It Is And How It Is Helping Us Discover New Galaxies
  7. Archimedes Principle: Explained in Really Simple WordsArchimedes Principle: Explained in Really Simple Words
  8. What is Evolution: A REALLY SIMPLE and Brief ExplanationWhat is Evolution: A REALLY SIMPLE and Brief Explanation