What Is A Decompression Bomb and How Does It work?

What is a Decompression Bomb?

A decompression bomb or zip bomb is a malicious archive file that contains a lot of repeated data that can crash the program reading it. Also known as the ‘zip of death’, a zip bomb is often used to render an antivirus program useless, so that more traditional viruses can gain entry into a system.

If you’re a member of the human race in the 21st century reading this article on an electronic device, it’s highly likely that you have access to a computer. If you do, then I suppose I can safely assume that you have at least heard of ‘computer viruses’.

A computer virus, commonly referred to as a ‘virus’, is a type of malware program that attaches itself to an executable program or a file and subsequently travels through other programs and files, infecting files in its wake.

virus malware

Once executed, a virus can harm your computer in many ways; it can replicate files and folders, increase CPU load drastically, steal hard disk space, corrupt data, spam contacts, and do other such unpleasant things.
You can read more about computer viruses, malware, trojan horses etc. in this article in more detail.

As you might already know, not all computer viruses are the same. In fact, there are hundreds upon hundreds of types of viruses, which differ in the way they are executed, the way they affect their ‘host’ system and the kind of damages that they cause.

‘The file is a decompression bomb’

While running an antivirus scan on your computer, you may have seen a warning displayed by your antivirus program announcing that ‘the file is a decompression bomb’.

the file is decompression bomb

The infamous error shown by a popular antivirus program.

Now, two questions may arise in your head upon reading such an alert by your antivirus program: first, what in the world is a ‘decompression bomb’? Is it a virus? And second, why can’t the antivirus program scan it?

As mentioned earlier, a decompression bomb is a zip file that is so highly compressed that when it’s actually decompressed on a system, it takes up a huge amount of disk space. In fact, in most cases, the decompression of such ‘zip bombs’ takes such a long time that the antivirus program crashes, and the ‘host’ system follows suit.

A decompression bomb may be a zip file, a compressed installation file or even a certain program .exe file that wreaks havoc on your system as soon as you decompress it. There’s one very popular zip bomb – a zip file that goes by the title ‘42.zip’: the file itself is just a few kilobytes, but when decompressed, it consumes 4.5 petabytes’ worth of space on the disk!

Decompression bomb activated meme

Is a decompression bomb (zip bomb) a virus?

Not necessarily…

You see, a decompression bomb is certainly a malicious archive file designed to crash or render useless the host system so that ‘headway’ is made for more traditional viruses to do their damage. However, a decompression bomb, all by itself, doesn’t cause any damage to the system, at least not in the way a traditional computer virus does.

Rather than hijacking the normal operation of the program, as normal computer viruses usually do, a decompression bomb actually allows the system to do its job as it’s designed. The only catch is that the zip bomb contains so much compressed data that unpacking it requires excessively massive amounts of memory, disk space and time.

when you open a zip bomb

Ultimately, zip bombs are harmful to the system because they make the ‘environment’ of a computer more conducive for an attack by traditional viruses. Thankfully, modern (and good) antivirus programs can detect whether a file is a zip bomb, and alert the user so they don’t try to unpack it.

References

  1. Institute For Advanced Study
  2. Pennsylvania State University
The short URL of the present article is: http://sciabc.us/zknnp
Help us make this article better
About the Author:

Ashish is a Science graduate (Bachelor of Science) from Punjabi University (India). He spends a lot of time watching movies, and an awful lot more time discussing them. He likes Harry Potter and the Avengers, and obsesses over how thoroughly Science dictates every aspect of life… in this universe, at least.

.
Related Articles



Get more stuff like this
in your inbox

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.