Your browser is obsolete!

The page may not load correctly.

Terminology

СпецНаз (специальные названия)

Other issues in this category (40)
  • add to favourites
    Add to Bookmarks

The mother of all bombs!

Read: 12013 Comments: 2 Rating: 10

Wednesday, January 24, 2018

On October 11, 2017, a "bomb” was uncovered in the depths of the Internet. Reportedly, it was capable of inflicting enormous damage to computers.

One of the most notorious ZIP-bombs—42.zip—was rediscovered on the Internet. A corresponding message appeared on the Dark Harbor Telegram channel.

42.zip is an archive, a.k.a. a zip of death. Because its size is 4.5 petabytes (4,503,599 gigabytes), the impact of the archive's decompression can be devastating and result in a system crash. To give you a comparison: Google's servers process around 24 petabytes of data in twenty-four hours.

https://lenta.ru/news/2017/10/11/zipbomb

The filename may appear somewhat familiar to Anti-virus Times readers. Let's take a moment to run a search—and voilà!

Malware for PCs includes programs known as zip-bombs. These are zip archives containing files whose size will increase manifold if they are extracted. For example, one of the most notorious zip bombs, 42.zip, only occupies 42 KB, but it contains files on 5 nesting levels, with 16 files per level. The size of each file at the last level is 4.3 GB, and the entire archive unpacked will occupy 4.5 petabytes.

#drweb

https://www.drweb.ru/pravda/issue/?number=365

A perfect match!

According to the user who started the channel, 42.zip occupies only 42 KB of disk space, but it is 5 levels deep with 16 files on each nesting level. "The size of each file at the deepest level is 4.3 GB, and the archive's contents unpacked will occupy 4.5 petabytes", he explains.

https://lenta.ru/news/2017/10/11/zipbomb

As usual, no anti-virus was able to detect this terrible threat.

The administrator also notes that many anti-viruses have already learnt how to detect the malware.

We won't cite the corresponding Anti-virus Times issue again, but Doctor Web's long-time employees who read the publication took great pleasure reminiscing about the time they first came across archives of this sort. And that was about 15 years ago…

By the way, the user who discovered the archive also published a download link and noted that he wasn't encouraging other people to do anything. We can't help wondering: how many people decided to decompress the zip of death?

The Anti-virus Times recommends

Now the new generation is rediscovering our toys and stands in awe of their capabilities. How did we manage to survive back then?

[Twitter]

Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments

Comments to other issues | My comments