Theme Malware Anatomy

Originally posted by Jeff Chandler at weblogtoolscollection.com.

Jeff Chandler posted this write-up about the danger of using free WordPress themes downloaded from the net.  I’m posting a short excerpt here and embedding the video for your information, but if you’d like to read his entire post, you can find it at:  http://weblogtoolscollection.com/archives/2010/12/10/theme-malware-anatomy/.

Take a few minutes and watch the video.  It will open your eyes…it sure opened mine!

Jeff writes:

“One of the biggest problems facing users of WordPress today especially when it comes to themes is malware. I’ve seen my fair share of websites using themes whose functions.php file contains base64 encrypted code that when decrypted, shows spam links. However, there also a number of themes that have code within them that installs malware onto the web server. After Chip Bennett, one of the Theme Team Reviewers noticed at least one of his themes were being made available on a website that claimed to have free WordPress themes, he discovered that something was not right. All of the themes available on the website contained some sort of malware that would be installed onto the users site once enabled.

As an aside, this video which was produced by Leland of Themelab.com provides a great explanation as to why you want to stay away from using Google when searching for freely available themes.”

Related posts: