Trace Id is missing
Skip to main content
Windows
Windows laptop with a security threat popup

September 28, 2023

What is a zip bomb?

Malware comes in many different forms, which is why it’s important to be cautious about what you open on your PC. Zip bombs, or decompression bombs, are sneaky files that can seriously damage your computer’s hard drive if opened. Thankfully, modern antivirus programs like Windows Defender can identify zip bombs and other malicious files. Learn more about zip bombs and how to get rid of them.

Why are zip bombs so dangerous?

At first glance, a zip bomb may not seem harmful. They appear like normal zip files, which consist of compressed documents and programs that make them look smaller. Since zip files themselves can be zipped, zip bombs are often made with multiple layers of compressed files. Once they are unzipped, they can contain hundreds, or even millions of gigabytes of repetitive data and overwhelm your hard drive. Zip bombs don’t need to contain viruses to affect a hard drive, but some hackers may slip them in to do extra damage to the system.

There are two different forms of zip bombs: recursive and non-recursive. Recursive zip bombs are made with several layers of recurring files, and non-recursive zip bombs compress more data into one layer through overlapping files. Both types can have a serious impact, but non-recursive zip bombs activate much quicker.

Using antivirus programs to find zip bombs

Thankfully, most modern antivirus programs are able to find both recursive and non-recursive zip bombs. They can find patterns that are commonly found in zip files and notify users that the file may not be safe to open. If you are using Windows Defender, Microsoft Defender SmartScreen will send you a warning if you are about to download content or visit a page that may expose your computer to zip bombs and harmful malware.

However, it’s important to note that older antivirus software programs may not be able to effectively detect zip bombs. Some older antivirus programs will try to scan all of the contents in a zip bomb, which can take days to complete. Advanced hackers often use this to their advantage by sending out a zip bomb to keep an antivirus program occupied, then going in to infect the system with malware.

How to avoid damage from zip bombs

A zip bomb attack can be alarming, but you can learn to avoid them with a few simple steps. Here are some tips for keeping zip bombs away from your computer.

  • Don’t open files you don’t recognize. Zip bombs can come from unsafe websites and spam emails. If you come across a file from a suspicious website or email, avoid opening it and report the problem. Since zip bombs are only activated when the file is decompressed, you will only risk harming your computer if you try to open it.
  • Use cloud storage. Backing your files up in the cloud will ensure that your documents are easy to recover in the event of a zip bomb attack. Use cloud storage platforms like OneDrive to keep your files protected from data loss.
  • Update your antivirus software. The newer your antivirus software is, the more likely it is to detect zip bombs. Get the latest versions of Windows Defender with Windows 11.

Still need to update your operating system? Upgrade to Windows 11 today to enjoy powerful productivity and security features.

DISCLAIMER: Features and functionality subject to change. Articles are written specifically for the United States market; features, functionality, and availability may vary by region.

Products featured in this article

More articles