Malware in Gold Open Access Journals 2018: Part 1, Indonesia

When I prepared GOAJ3: Gold Open Access Journals 2012-2017, I found an unfortunately large number of OA journals that Malwarebytes Pro flagged as being or calling to malware–and most of the problems were in Indonesia, with significant numbers as well in Brazil, Malaysia and Romania. I reported on those issues and alerted DOAJ; some of them were fixed before I did the final check of problematic journals.

I was hoping that this year’s scan (which began January 3) would find most of these problems fixed–but within the first 1,500 journals, there were still a significant number of malware hits from Indonesia and a few others.

So, in the interest of seeing if these problems can be fixed, I detoured from my normal testing order (alphabetic by publisher) to finish the four problematic countries first.

I’ve now finished the scan of Indonesia’s gold OA journals–1,373 of them. Unfortunately, what was a widespread problem last year (in the end, 136 infected journal sites) is now even worse, with 198 journals flagged as malware (and another 88 that were unreachable, many of which may also be malware).

The good news is that 55 of the problematic journals in 2017 are now OK. The bad news is that 145 previously-OK journals are now infected (usually at the domain level–that is, before the slash) or otherwise unreachable, as are 556 newly-added journals.

Almost all of these–all but six–are published by universities. Five universities account for 106 of them.

I will retest all malware-infested and unreachable journals after the overall scan is complete, but no earlier than April 15. I’m hoping that many (all?) of these will be fixed.

I’ve made a Google Sheets spreadsheet of the problematic journals available at https://docs.google.com/spreadsheets/d/1iAfXDQPI9Cxwz6J7wEoGRUhX9Sed2gvmkxcIbuLRNic/edit?usp=sharing.

The spreadsheet is arranged by publisher, and interleaves XX (other problems) and XM (malware). For XX, most journals have a note describing the problem–e.g., “dns” for server resolution problems, “refused” for refusal to connect, “db” for database failures.

I’ll post either one or two separate notes and spreadsheets after scanning Malaysia and Romania (which should be done within the week) and Brazil (a HUGE set of journals with very few problems), which should be done in early February. NOTE: Make that three more notes, but at most two more spreadsheets. I’ve finished scanning Malaysia’s OA journals, and as discussed here, it’s all good news: there were no malware infections.

Note: a few of the XM journals have second-level malware: outbound calls that Malwarebytes Pro prevents from occurring while leaving the journal’s home page available. That’s still dangerous if you’re not using really good malware prevention, but I’ll code these differently in the second pass.

Also note: a few (dozen?) journals have a different issue that Malwarebytes Pro did NOT flag, and I didn’t penalize them: the first time you click on any menu item, an ad pops up, but then it’s OK. Except for one case, the ad’s always the same: an English-language free dating service. These popovers (the ad takes up the whole window) should be eradicated and represent sloppy software security, but they fall into a different category.

If you know of folks in Indonesia who might be able to fix these security issues, please pass this on. The spreadsheet, once again, is at https://docs.google.com/spreadsheets/d/1iAfXDQPI9Cxwz6J7wEoGRUhX9Sed2gvmkxcIbuLRNic/edit?usp=sharing
