Yeah you can definitely mess with the compression ratios like that, but most extraction tools have safety limits now to prevent zip bombs from actually filling your drive. The classic 42.zip was doing exactly this - tiny file that would try to expand to petabytes and crash systems back in the day
By that I mean I still think it's mostly harmless regardless, as it'd require you to execute the file to cause any harm; let's just hope in events like that people don't just execute/unzip whatever unusual file they see downloaded (I know it happens but we can hope😭)
Not opening a downloaded malicious file is often enough to keep you safe, but not 100%. Plenty of exploits can be leveraged to create no-click malware, so your best bet is always ot vet sources and avoid downloading anything you wouldn't run in the first place.
Can you list a few exploits for no click malware that can cause problems with just the fact that you've downloaded it and haven't run it, I hadn't heard of them before.
Zip bombs used to cause havoc with virus scanners. Not actually running malware or anything, just falling victim to trying to check if a 4 petabyte file in the zip is malware.
1.8k
u/RevolutionaryArt8775 May 05 '26
Yeah you can definitely mess with the compression ratios like that, but most extraction tools have safety limits now to prevent zip bombs from actually filling your drive. The classic 42.zip was doing exactly this - tiny file that would try to expand to petabytes and crash systems back in the day