Indonesia OA: Can you help with a malware problem?

If you know of someone involved with gold OA within Indonesia (probably working with universities), you might want to let them know about the situation described here. I normally just observe, measure and comment, but this case seems special enough to at least support action.

The Good News

Whether due to DOAJ‘s efforts or otherwise, the number of Indonesian gold OA journals within DOAJ grew rapidly during 2007, with 665 new journals (and a few apparently returned to the directory). I believe Indonesia now has more journals within DOAJ than any other country: 1,154 as of 1/1/2018.

The Bad News

Indonesia seems to have a problem with malware. Malwarebytes Premium, which I always run (alongside Windows Defender) after problems encountered with a few infected OA journals three years ago, finds an astonishing 286 Indonesia journals afflicted with malware–either the journal site itself or a site called by the journal site.

[How astonishing is that number? In the 2016 study, there were a total of 67 infected journal sites; so far, with almost half the journals checked, there are 21 outside of Indonesia.]

I do not ignore Malwarebytes warnings: I close the browser tab immediately. That means I don’t check the journal, and it won’t be included in the 2012-2017 Gold Open Access Journals report this summer–and, frankly, that any cautious user will avoid it.

I do recheck every malware-infected site during my second pass in April or early May (where I also recheck all other problematic sites–those unreachable, suspended, etc.–and the sites where it seems at least possible that late-2017 articles are being posted late). For journals that continue to be infected or problematic, I glean as much information as I can from DOAJ, but while I include these numbers in one or two “big numbers” tables, they’re simply excluded from the bulk of the report.

How to Help

People in contact with the publishers–mostly universities–could suggest that the site code be checked for problems, especially for subcalls. I’d start with Universitas Negeri Semarang, since the domain journal.unnes.ac.id shows as malware on nearly all that university’s OA journals–and also shows up as an infected call in quite a few other journals. Smaller domain problems include ojs.unud.ac.id at Universitas Udayana, ejournal.upi.edu at Universitas Pendidikan Indonesia and possibly others.

It’s possible that Malwarebytes is showing false positives, but I’m no malware expert, and since I’ve had malware problems directly traceable to journal sites in the past, I’m not willing to take the chance.

NOTE: These are not all new journals–indeed, most of them were in DOAJ before 2017 (102 appear to be new), but without malware.

You can download an Excel spreadsheet showing the title, URL, publisher and–in some cases–a note (“domain” means the URL up to but not including the first slash) as to the malware encountered. If you prefer, a comma-separated-values version is also available.

I hope someone’s able to clear these up; I look forward to rechecking the sites in late April or early May and finding few if any infected sites!

PS: About Romania

If you’ve read earlier progress reports on this year’s scan, you’ll know that Romania also had a number of malware issues: nine of the remaining 21 from the first 4,000 journals. Romania also had the most infected journals year, with 11. I am checking the remaining Romanian OA journals before going back to the alphabetical-by-publisher scan. Since there are only 137 more journals to check, I’d expect to finish this by next Tuesday (2/13) or so. If somebody out there would like to check on the Romanian journals–the probably-infected ones–send me email (waltcrawford@gmail) to that effect and I’ll provide a similar spreadsheet when it’s ready.

Note added 2/12/2017: I’ve done the Romanian scan, and it turns out there are only 11 infected journals in all. Here’s the discussion and a table.

Comments are closed.