Zombie ZIP: How Malformed Archives Can Hide Malware from Security Scanners

A new archive-manipulation technique called “Zombie ZIP” lets attackers conceal payloads inside ZIP files in a way that can evade many antivirus and endpoint detection solutions. The method was described by security researcher Chris Aziz of Bombadil Systems and has drawn warnings from CERT/CC and the wider security community. This post explains how Zombie ZIP works, what research and evidence exist today, which tools are affected, and pragmatic steps defenders can take to reduce risk.

How Zombie ZIP works

The technique abuses fields in the ZIP file header to make scanners treat compressed data as if it were uncompressed. Specifically, archives are constructed so the ZIP “Method” field claims the payload is STORED (method=0), meaning raw/uncompressed bytes.

In reality the data block is compressed using the Deflate algorithm. When scanners trust the header and scan the data as raw bytes, they see compressed noise rather than recognizable malicious signatures.

The attacker also sets the CRC and length fields so that standard extractors (for example, WinRAR, 7-Zip, unzip) detect an inconsistency and fail or report errors. A purpose-built loader that ignores the declared method and inflates the block as Deflate data recovers the original payload without error.

What the research shows

  • Chris Aziz published a proof-of-concept and sample archives demonstrating the approach and reported that the technique bypassed detection in 50 of 51 antivirus engines on VirusTotal at the time of testing.
  • A CERT/CC bulletin summarized the issue, assigned CVE-2026-0866 to the problem, and recommended that archive-inspection logic be updated to validate header fields against actual data and to detect structural inconsistencies.
  • The technique relies on a mismatch between header metadata and payload encoding rather than exploiting a specific parsing bug. Similar conceptual issues have occurred historically—for example, CVE-2004-0935 highlighted how malformed archives could confuse security tools two decades ago.

Tools and environments affected

  • The issue affects ZIP archives that use the widely supported Deflate compression method. Common archive utilities may error on these malformed files, but purpose-built loaders can recover payloads.
  • Security scanners and EDR products that rely on trusting the declared compression method (and therefore scan the payload as uncompressed data) are the primary targets for evasion.
  • The exact impact will vary by vendor and product version; the PoC and VirusTotal results demonstrated the concept’s feasibility but do not automatically mean universal bypass across all deployments.

Implications for defenders

  • Don’t rely solely on header-declared metadata when scanning archives. Archive inspection should validate that declared compression methods and sizes are consistent with the actual data before deciding what to scan.
  • Vendors should implement deeper archive inspection modes and add heuristics to detect mismatches between header fields and payload encoding.
  • Organizations should treat archives from unknown or untrusted sources with caution. If a file fails to decompress using standard tools, treat that failure as a red flag rather than benign corruption.
  • Defense-in-depth remains important: block or quarantine suspicious archives at email gateways and file-transfer points; use sandboxing that can handle malformed archives; and combine static scanning with behavioral detection that looks for post-extraction indicators of compromise.
  • Maintain up-to-date signatures and software versions for AV and EDR products, and monitor vendor advisories for updated archive-parsing logic.
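As an added illustration of the header/payload mismatch described in "How Zombie ZIP works" and of the defender guidance above (validate the declared method, sizes and CRC against the actual bytes), here is a small Python scanner; it is example code written for this post, not the researcher's PoC or any vendor's logic, and it assumes an in-memory ZIP whose entries do not use data descriptors. The fixtures it builds are benign and constructed here: two well-formed archives and a copy of the Deflate one with the first local header's method field rewritten to STORED, which is the inconsistency the article describes.

```python
import io, struct
import zipfile, zlib

LOCAL_SIG = b"PK\x03\x04"
LOCAL_FMT = "<4sHHHHHIIIHH"  # sig, version, flags, method, time, date, crc, csize, usize, name_len, extra_len
LOCAL_LEN = struct.calcsize(LOCAL_FMT)  # 30 bytes
STORED, DEFLATED = 0, 8


def scan_zip_entries(data: bytes) -> list:
    """Walk local file headers; return (name, finding) tuples where header fields disagree with the bytes."""
    findings, pos = [], 0
    while (pos := data.find(LOCAL_SIG, pos)) >= 0 and pos + LOCAL_LEN <= len(data):
        (_, _ver, flags, method, _t, _d, crc, csize, usize,
         nlen, xlen) = struct.unpack_from(LOCAL_FMT, data, pos)
        name = data[pos + LOCAL_LEN:pos + LOCAL_LEN + nlen].decode("utf-8", "replace")
        start = pos + LOCAL_LEN + nlen + xlen
        blob = data[start:start + csize]
        pos = start + csize
        if flags & 0x08:  # sizes and CRC deferred to a data descriptor; not checked here
            findings.append((name, "data descriptor flag set; header sizes unverifiable"))
            continue
        try:
            inflated = zlib.decompress(blob, -15)  # -15 = raw Deflate, as used inside ZIP
        except zlib.error:
            inflated = None
        if method == STORED:
            if csize != usize:
                findings.append((name, f"STORED but compressed size {csize} != uncompressed {usize}"))
            if zlib.crc32(blob) != crc:
                findings.append((name, "STORED but CRC32 of raw bytes != header CRC"))
            if inflated is not None:
                findings.append((name, "STORED entry is a valid raw Deflate stream"))
        elif method == DEFLATED and (inflated is None or len(inflated) != usize
                                     or zlib.crc32(inflated) != crc):
            findings.append((name, "DEFLATED payload does not match header size/CRC"))
    return findings


def make_fixtures() -> dict:
    """Constructed benign samples: two clean archives plus one with the first method field rewritten to STORED."""
    out = {}
    for label, method in (("stored", zipfile.ZIP_STORED), ("deflated", zipfile.ZIP_DEFLATED)):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w", method) as zf:
            zf.writestr("note.txt", b"hello, clean archive\n")
        out[label] = buf.getvalue()
    z = out["deflated"]
    out["mismatch"] = z[:8] + struct.pack("<H", STORED) + z[10:]  # method field sits at offset 8
    return out
```

The scan reads only local file headers; a production check should also cross-check them against the central directory, where the method and sizes may be declared differently.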

Practical steps for incident handling

  • If you encounter a ZIP that won’t extract with standard tools, isolate and analyze it in a controlled environment rather than attempting to extract on production endpoints.
  • Use specialized unpacking tools or purpose-built loaders in an instrumented sandbox to determine whether a payload can be recovered and executed.
  • Log and report unusual archive failures and share samples with your vendor’s threat response team so they can test and, if needed, adjust detection rules.
  • Apply conventional email and attachment hygiene: block or mark inline archives, enforce attachment policies, and educate users about handling unexpected compressed files.

Conclusion

Zombie ZIP is a practical example of how inconsistencies between file metadata and payload encoding can be weaponized to evade signature-based scanning. The technique is straightforward in concept, demonstrated in a PoC, and has been acknowledged by CERT/CC with a CVE assignment. Mitigation requires both vendor changes to archive-inspection logic and operational vigilance by security teams: treat failed decompression as suspicious, use sandboxing and behavioral analysis, and keep detection tools patched and configured for deeper inspection.