Fork Bomb - What it is, what it does, and simple ways to prevent it

Fork Bomb

What it is

A fork bomb is a tiny program or command that clones itself over and over until your computer runs out of processes and resources. The system becomes slow or unresponsive - sometimes it crashes - because it’s too busy creating more copies.

How it works

  • It starts one process that immediately spawns two.

  • Each of those spawns two more - and so on - creating an exponential flood.

  • CPU time, memory, and the allowed number of processes get exhausted.

What you might notice

  • Apps stop responding and the mouse lags

  • Fans ramp up and the desktop freezes

  • You can’t open new windows or terminals

  • On servers: load average spikes and logins fail

If it hits 

  1. Try to switch TTY (Linux: Ctrl+Alt+F2) and log in as an admin.

  2. Kill the user session or reboot safely if you still have control.

  3. After recovery, check shell history and disable any risky aliases or scripts.

Prevent it

  • Limit processes per user (Linux: ulimit -u, PAM limits, systemd slices or cgroups).

  • Use least privilege - don’t run untrusted scripts as admin.

  • On shared systems, restrict who can run code and review new accounts.

  • Monitor for sudden process spikes and alert on abuse.

    Glossary (A–Z)

    All A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

      • Related Articles

      • Data Execution Prevention

        What it is Data Execution Prevention (DEP) is a Windows safety net that stops code from running in places it shouldn’t—like the stack or heap. If malware tries to execute from those memory areas, Windows blocks it and shuts the app down instead of ...

      • Time Bomb

        What it is A time bomb is malware (or a hidden malicious feature) set to go off at a specific date or time. Until that moment, it stays quiet, then runs its payload - deleting files, encrypting data, stealing info, or opening a back door. It’s a ...

      • EDR (Endpoint Detection and Response)

        What it is EDR is your always-on security team for laptops and servers. It watches what’s happening on each device, spots attacks in progress, and helps you respond fast - quarantine, investigate, and clean up. For details on capabilities and use ...

      • Security Software

        What it is Security software is a set of apps and services that protect your devices and data from hackers, malware, and mistakes. It covers tools like antivirus/anti-malware, firewalls, VPNs, email and web filters, intrusion detection/prevention, ...

      • Zip Bomb

        What it is A zip bomb (decompression bomb) is a tiny-looking archive that explodes into an enormous amount of data when you try to open or scan it. The goal is to freeze or crash your app (or even your antivirus) by using up CPU, RAM, or disk space. ...