Infinite.zip

Systems should be configured to reject archives where the ratio of compressed-to-uncompressed size is suspiciously high.

It is used to overwhelm security software that attempts to scan within archives, preventing it from detecting other, actual malicious files. 4. Mitigation and Defense Infinite.zip

The ZIP algorithm can compress repetitive data (like a file filled entirely with zeros) extremely efficiently. A 10 GB file of zeros can be compressed into a few megabytes. Systems should be configured to reject archives where

"Infinite.zip"—often referred to in technical circles as a type of or decompression bomb (such as the famous 42.zip )—is a maliciously crafted archive file designed to crash, freeze, or overwhelm the storage capacity of any system that attempts to unpack it. Mitigation and Defense The ZIP algorithm can compress

The most infamous example, 42.zip , is a 42-kilobyte file that, when fully extracted, expands to 4.5 petabytes (

A tiny compressed file (often only a few kilobytes or megabytes in size) that expands into a gargantuan amount of data (petabytes, exabytes, or "infinite" space) upon extraction.

Do not extract unknown or unexpectedly small zip files from untrusted sources. zip and recursive zip bombs ? 42.zip (2004) - Hacker News