A zip bomb, also known as a Zip of Death, is a type of malicious computer file designed to crash or render useless the program or system reading it, particularly antivirus software. These files usually take the form of archives that, when unpacked in order to be scanned, require enormous amounts of time, disk space, or memory. The file itself is usually small (up to a few hundred kilobytes), but when it is opened its description implies that its contents are inordinately large (e.g. terabytes), which is theoretically enough to crash the program or system reading it.

The term was apparently first coined in July 2001, but the same technique has been used on dial-up bulletin board systems for at least as long as archive compression programs have been around.

When antivirus software started to automatically check email attachments, crackers started to zip viruses into archives to avoid detection. Antivirus software then started to unzip and check email attachments, which gave crackers the idea of creating zip bombs. A cracker would create, for example, a text file with the letter X repeated many millions of times. That would produce a small archive but massive disk and memory usage when unzipped, somewhat like a DoS attack started from inside the computer. Hence the name zip bomb.

Zip bombs were initially intended to cause trouble for unsuspecting users who downloaded the file, to crash antivirus programs that scanned uploaded files, and to cause chaos in computer labs. Later, zip bombs were used to crash antivirus checkers on email systems, disabling them so that an infected file sent afterwards could get through. Usually, however, rather than allowing mail through unchecked, this effectively stopped mail to the target, either because the AV software was laboriously checking the entire large file and queuing up mail behind it, or because the mail checker crashed altogether. Today, there are antivirus programs that can detect a zip bomb and avoid it.

One example of a zip bomb was the file "42.zip", which was itself 42 kilobytes in size but described a file 4 gigabytes in size.
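A scanner can detect and avoid such an archive by holding it to a size budget both before and during decompression. The following Python code is an added example, not part of the original article; the function names and the three limits (total bytes, compression ratio, member count) are assumed policy values chosen for illustration.

```python
import io
import os
import zipfile
import zlib

CHUNK = 64 * 1024

def inspect_zip(data, max_total=100 * 2**20, max_ratio=100, max_members=10_000):
    """Return (verdict, reason) for a ZIP held in memory; nothing touches disk.
    The three limits are assumed policy values, not figures from the article."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return "reject", "not a valid zip"
    with zf:
        infos = zf.infolist()
        if len(infos) > max_members:
            return "reject", "too many members"
        # Pass 1: cheap check on the sizes declared in the central directory.
        declared = sum(i.file_size for i in infos)
        if declared > max_total:
            return "reject", "declared size over budget"
        for i in infos:
            if i.file_size > max_ratio * max(i.compress_size, 1):
                return "reject", "compression ratio too high: " + i.filename
        # Pass 2: declared sizes come from the sender, so also count the bytes
        # actually produced, decompressing in chunks and stopping at the budget.
        remaining = max_total
        try:
            for i in infos:
                with zf.open(i) as member:
                    while chunk := member.read(CHUNK):
                        remaining -= len(chunk)
                        if remaining < 0:
                            return "reject", "actual size over budget"
        except (zipfile.BadZipFile, zlib.error, RuntimeError, NotImplementedError):
            return "reject", "unreadable member"
    return "ok", f"{declared} bytes in {len(infos)} member(s)"

def make_zip(name, payload):
    """Build a small constructed test archive in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()

# Constructed samples: 2 MiB of one repeated letter vs. 4 KiB of random bytes.
REPETITIVE = make_zip("x.txt", b"X" * (2 * 2**20))
ORDINARY = make_zip("blob.bin", os.urandom(4096))
```

The mail-queue stall described above is avoided because a rejected archive is never fully decompressed: the scanner returns a verdict as soon as either pass exceeds its limit.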


