Definition: Software built to gain unauthorized access to computers.
Legal Status:
Almost always illegal
Platform ToS:
Violates Policy
Victim Visibility:
Inherent in Content
TSPA Abuse Type:
Scaled Abuse: Malware

Malware, short for malicious software, describes to a category of software programs designed to harm or gain access to computer systems without the user's consent.

Malware can be introduced over the internet in any way that content is loaded, including email attachments, infected websites or bad software downloads. Once installed, malware can steal financial or other sensitive information, record the actions of the user, or prevent access to the system as a whole. While the authors of malware are typically financially motivated, nation-states and corporations also routinely use malware in order to assist their espionage efforts.

Platforms contribute to the proliferation of malware through file sharing and link sharing - essential functions of online platforms.

Malware is a particularly challenging harm to mitigate on the internet because most users cannot tell the difference between malicious files and ones that are safe - only a small proportion of the population has the skills to reliably differentiate between the two. Because they are central authorities with the capacity and resources to build detections and blocklists for malware, platforms are in a uniquely advantageous position to mitigate it..

What features facilitate Malware?

Malware requires a vector to get onto a user's computer, and downloading files and opening links is the typical mechanism.
File/Link Sharing
The capacity of one user to publish or share files or links with other users.

How can platform design prevent Malware?

If a file or link constitutes malware, all future copies of it do too.
Label/Detect Identical Content
For some features, duplicate data suggests misuse.
To reach large audiences, or replicate through messages with links, malware has to be publicly hosted somewhere.
Right-size content visibility
Place limits on the amount of harm content can cause on a platform by restricting its reach.
Using known lists of bad links, domains, and file hashes is a low cost way of preventing rampant malware.
Perform basic link vetting
Run basic validation on the contents that something links to before showing the link to the user.
Prompting a user to consider whether they trust the source is an effective way to prevent thoughtless malware installation.
Warn Before Risky Action
Use signals about affinity and content to occasionally warn the user about what they're about to see/download/visit.
Media Provenance
Record and display the chain of custody and original source for media.
Is something missing, or could it be better?