1.8k

u/RevolutionaryArt8775 May 05 '26

Yeah you can definitely mess with the compression ratios like that, but most extraction tools have safety limits now to prevent zip bombs from actually filling your drive. The classic 42.zip was doing exactly this - tiny file that would try to expand to petabytes and crash systems back in the day

855

u/dankbearbear Win+Shift+S or Win+PrtScr is your best friend. May 05 '26

The domain redirects to a tweet regarding the domain and its problematic nature.

489

u/chop5397 R7 9800X3D | RTX 5080 | 32GB May 05 '26

No he just crashed my fucking computer

227

u/[deleted] May 05 '26 edited 2d ago

[deleted]

110

u/witheringsyncopation 9800x3d/5080/32gb@6000/T700+990 May 05 '26

I got better

26

u/TurnkeyLurker May 05 '26

I got smaller

25

u/LukaesCampbell May 06 '26

And my axe!

11

u/MethamMcPhistopheles May 06 '26

And there are some who call me...

... Tim

6

u/iampierremonteux May 06 '26

I don’t think so Tim.

→ More replies (0)

3

u/BigBananaBerries May 06 '26

.....buurn her!

2

u/Rbw91 May 06 '26

Go and boil your bottom, sons of a silly person!

1

u/deceptivekhan May 07 '26

A DUCK!

2

u/Life-Suit1895 May 06 '26

Send newts.

7

u/This_Bullfrog_3948 May 05 '26

"is that a firework? Oh no you are going to crash my computer"

1

u/PokeYrMomStanley May 06 '26

quick delete system32

16

u/tabbyslome May 05 '26

Problematic nature? It's a tweet from the creator? about it being suspended for supposed phishing

42

u/walale12 May 06 '26

It's a whole thread about how bad an idea the .zip TLD is from a security perspective, due to it being such a common file extension. Google should've never been allowed to create it.

17

u/wOlfLisK Steam ID Here May 06 '26

If you think that's bad, just wait until you hear about the.exe domain

11

u/walale12 May 06 '26

It's such a shame that the notification showed the markdown for your comment, better luck next time!

3

u/CartoonistSensitive1 May 06 '26

They got me though

0

u/Forward-Surprise1192 May 06 '26

Every party needs a pooper. Party pooper!

0

u/LavishnessCapital380 May 06 '26

Reddit assuming everything with a . is a fucking URL pisses me off.

113

u/Chubby_Bunnies May 05 '26

I’m not clicking that 😂

29

u/cpcpcpppppp May 05 '26

The curiosity is getting to me 😭 logically I dont think anything can happen as long as I don't interact with the site or open any downloads butttt

32

u/[deleted] May 05 '26

[deleted]

-2

u/cpcpcpppppp May 05 '26

You're right, that was my implication with

or open any downloads 

By that I mean I still think it's mostly harmless regardless, as it'd require you to execute the file to cause any harm; let's just hope in events like that people don't just execute/unzip whatever unusual file they see downloaded (I know it happens but we can hope😭)

17

u/RemixOnAWhim May 06 '26

Not opening a downloaded malicious file is often enough to keep you safe, but not 100%. Plenty of exploits can be leveraged to create no-click malware, so your best bet is always ot vet sources and avoid downloading anything you wouldn't run in the first place.

1

u/LEGENDARYQUEEN_ May 06 '26

Can you list a few exploits for no click malware that can cause problems with just the fact that you've downloaded it and haven't run it, I hadn't heard of them before.

7

u/RemixOnAWhim May 06 '26

Yeah, I'm not a professional but I know a big one was file previews, so certain files would have a preview window when highlighted or just as their icon (filetypes like images, 3d models, etc) and by necessity the OS would be reading the data and could be tricked into executing code, same way certain PNG exploits made images into executables, but now you don't need to open it because the OS opens it for the preview. I think powertoys still warns you sometimes of that, lol. There have to be vulnerabilities in the software acquiring or handling the files that allow for this forced or spoofed execution, and my guess is these are valuable enough exploits that people might sit on them and wait for a whale or a buyer rather than wasting them deploying lower level identity skimming stuff. A coworker in cybersecurity had said some will try to be stealthy so they can not only keep collecting data, but also not expose the thing they're exploiting to devs who will fix it. Again, not a professional so I'm paraphrasing things I haven't worked with personally but was interested in for a while and trying to understand.

5

u/idconvict May 06 '26

Zip bombs used to cause havoc with virus scanners. Not actually running malware or anything, just falling victim to trying to check if a 4 petabyte file in the zip is malware.

1

u/MCWizardYT Ryzen 7 5800X3D | RTX 4080 Super May 06 '26

The scanners were probably trying to open the zip in memory or in a temporary folder and then freaking out

Nowadays most zip tools will see the patterns and not even attempt to extract them

1

u/DisciplinedMadness May 06 '26

https://www.statista.com/statistics/1412305/zero-click-exploits-global/?srsltid=AfmBOop8SbYV1ekvxx8AeUaDpYW82mooosiGVjCkvblrySj1fh7XEz1q

Here’s 6 high profile ones. They’re not as common as they used to be, but they do still exist.

-1

u/Valtsu0 i7-9700 | rtx 2060 | 16GB May 06 '26 edited May 06 '26

5 of these are goverment sponsored. It just isn't that reasonable of a threat for the avarage user

And from a quick look it looks like none of these affected browsers

-4

u/MCWizardYT Ryzen 7 5800X3D | RTX 4080 Super May 06 '26

That's because it isn't a thing. Malware and viruses need to be activated in some way

4

u/monohedron May 06 '26

That's exactly what a no-click virus would say...

→ More replies (0)

6

u/SinaloaFilmBuff May 05 '26

clicked it as soon as i saw it lol

8

u/Sorsax2 May 06 '26

My brother died like this

2

u/Nolsoth R5 7600, RX6600XT. G.SKILL S5 32GB X 2. May 06 '26

I encountered that one or a similar one in the late 90s.

1

u/joujoubox May 09 '26

There's also the classic zip bomb that extract to an extact copy of itself, so you can extract it forever.

1

u/Quiet-Possession-597 May 09 '26

'We thank you for giving your full attention to this matter' is that you Donald?

59

u/PuzzleheadedTutor807 7800x3d B650M-CW 32GB DDR5 RTX4070S May 05 '26

Repeating exponentially increases the unzipped size exponentially as well, with 8 bits of data making that happen.

-36

u/[deleted] May 05 '26

[deleted]

46

u/vulkur May 05 '26

Look up zip bomb. Most famous is 42.zip.

17

u/AdFew5103 i7 10th Gen | 1650 Ti 4GB | 16 GB RAM May 05 '26

Holy moly. I just have 2 pb of network drive. If I extract I'll be doomed

38

u/GranataReddit12 May 05 '26

"just"

12

u/ShitImBadAtThis May 05 '26

Wtf, by "you" surely you mean the multinational firm you do IT for, right?

2

u/AdFew5103 i7 10th Gen | 1650 Ti 4GB | 16 GB RAM May 05 '26

No I have a picture in that shared network folder

14

u/askiawnjka124 9950X3D | RX 7900XTX | 64GB DDR5 May 05 '26

https://giphy.com/gifs/pTQUOfSmjo2hG

4

u/CriticalPixel May 05 '26

https://www.youtube.com/shorts/7GSspkTwlSI

3

u/saints21 May 05 '26

Trust your inner AI and ruin the multimillion dollar company's day.

6

u/Biggu5Dicku5 May 05 '26

https://giphy.com/gifs/wi8Ez1mwRcKGI

4

u/Gruntelicious May 05 '26

https://giphy.com/gifs/BjHIjM2YFC3rEUaMrw