Serial ‘hijacker’ targets Arctic journal in another science publication heist

The University of Calgary’s journal Arctic is the latest victim of a serial science journal ‘hijacker’ who has targeted dozens of scientific publications over the last several years, according to an expert who studied the phenomenon of hijacked journals and fake publications.

The Arctic Institute of North America (AINA) at the University of Calgary, in the Canadian Prairies, warned researchers at the end of April that “a fraudulent website claiming to represent the journal Arctic has been set up by cybercriminals, requesting submissions to extort money from researchers.”

The tweet said the fraudulent journal used a slightly different domain name and provided a link to the real journal Arctic.

Be aware a fraudulent website claiming to represent the journal Arctic has been set up by cybercriminals, requesting submissions to extort money from researchers. The fraudulent domain is .org. The journal Arctic can be accessed at https://t.co/1Cien3MQ3z
Patricia Wells, Editor

— Arctic Institute (@ArcticSynthesis) April 29, 2019

Officials with the University of Calgary were tight-lipped about the case, saying only that in 2017 they sent the operator of the fake website a cease-and-desist order. But two years on, the site is still active.

Mehrad Jalalian, an Iranian expert who has written extensively about the phenomenon of fraudulent websites posing as legitimate science journals, said he was confident the Arctic journal was hijacked by a prolific Eastern European cybercriminal who has pulled off dozens of such hijackings.

A sophisticated scam

The fraudster, who uses the online alias of Ruslan Boranbaev, has designed a systematic approach to hijack more than two dozen science journals worldwide, Jalalian told Radio Canada International after analysing the fraudulent website.

“The criminal who hijacked that journal, is also the owner of a fake website – Science Borders – that works on gathering online payments,” Jalalian said. “That is a scam website for collecting money (publication fees) from the researchers that publish their articles on that hijacked journal.”

Both the fake website of the hijacked Arctic journal and the fraudulent Science Border website are hosted by a web hosting company in Ukraine, he said.

To hide their tracks, the hijacker uses a sophisticated system that converts “publication fee” credit card payments by researchers into Bitcoins, which are virtually untraceable, Jalalian said.

Many of Jalalian’s findings were corroborated by Radio-Canada digital journalist Jeff Yates, who used DomainTools software to run a search on the fraudulent journal site.

The search found that the email used by the person who set up the fake Arctic journal was the same one used by the site administrator of the bogus Science Borders website, Yates said.

That same email address was also used by the administrator of several other hijacked journals identified by Jalalian as having been hijacked by the person using the online alias of Ruslan Boranbaev and listing fake addresses in Moscow, Dublin, Berlin, Durbanville, and Mexico City among others.

Perverting scientific research

Jalalian is the co-author of a study that looked into 90 cases of hijacked science publications where online hackers and cybercriminals built fake websites that mimic reputable journals.

Most of these journals were indexed by Web of Science (WOS), an online subscription-based scientific citation indexing service that provides a comprehensive citation search, Jalalian and his co-author Mehdi Dadkhah found.

Using sophisticated mass mailing tools, the cybercriminals then broadcast calls-for-paper requests to snare unsuspecting or unscrupulous researchers desperate to pad up their CVs with scientific publications.

As the next step these cybercriminals introduced a second product – bogus impact factors and misleading metrics that were compiled by unknown organizations, Jalalian and Dadkhah wrote.

The impact factor is a measure of the frequency with which a scientific article has been cited in a particular year. It is used to measure the importance or rank of a journal by calculating the times its articles are cited.

The problem is that the articles that are published in hijacked journals without the benefit of peer reviews might eventually get incorporated in the literature reviews of future research, Jalalian and Dadkhah say.

“In this way, the hijacked journals violate and undermine the validity and reliability of published research,” Jalalian and Dadkhah wrote.

“It seems the journal hijackers have attacked the reputation and money of researchers and also the reliability of research findings and metric measures in legitimate networks such as Web of Science, Scopus, Google Scholar Citation and Index Copernicus.”

Related stories from around the North:

Canada: Laptop with health data stolen from Northern Canadian gov was unencrypted, CBC News

Norway: Norwegian aluminium giant Norsk Hydro hit by ransomware attack, Radio Canada International

Sweden: Sweden police chief granted Canadian company access to sensitive data, Radio Sweden

United States: Unsecured database discovered with information from about 600,000 Alaska voters, Alaska Public Media