Malware in OA

Here’s the short version: if you’re involved with gold OA and think you can contact useful people, download, a spreadsheet with allĀ 410 journals flagged as having malware during my scan of gold OA journals (first pass just completed). Sites that are fixed by May 1, 2018 will be included in GOAJ3: Gold Open Access Journals 2012-2017. Those that aren’t, won’t.

CHANGES 4/4/2018: At DOAJ’s request, I’ve added ISSN and E-ISSN columns to the spreadsheet, both populated using Excel VLOOKUP on the URL column.

Slightly longer version:

I’ve finished the first pass. There are a lot of journals with malware problems: 410, as compared to 67 in last year’s run.

Yes, Indonesia makes up the bulk of them–but by no means all.

The acceptable number of infected journal sites is, of course, zero.

The spreadsheet is arranged by country, then publisher, then journal. A “note” column contains possibly-useful notes (e.g., did Malwarebytes flag an outbound request as malware or was it at the domain leverl?).

Thirty countries had at least one instance, but most were from a handful of countries:

Indonesia 287
Brazil 41
Ukraine 13
Romania 11
Malaysia 9
Portugal 5
Colombia 4
Costa Rica 4
Iran, Islamic Republic of 3
Philippines 3
Poland 3

These countries had two cases each: Argentina; Chile; Italy; Morocco; Nepal; Peru; Spain; Venezuela, Bolivarian Republic of.

These had one each: Bangladesh; Bulgaria; Ecuador; Georgia; Mexico; Mongolia; Paraguay; Taiwan, Province of China; Tunisia; United Kingdom; United States.

The spreadsheet includes a country page–and a publisher page for those (slightly normalized) with four or more malware journals.


The second pass will probably start around April 20, 2018–but journals still flagged as having malware will be tested once more, no earlier than May 1, 2018, but probably not long after that.

If I continue to hit malware, I’ll try an alternate access path (doing a journal name search in Bing or Google); if that doesn’t help, I’ll pick up numbers fro DOAJ if I can–but only for “bigger numbers.” I won’t include infected journals in the overall study, and certainly can’t recommend them.

Interestingly, only three of the journals were also infected with malware in last year’s study.

Leave a Reply

Comments will be closed on May 28, 2018.

Comments Protected by WP-SpamShield Spam Plugin