Are your WordPress themes hacked?

[Hunter_ST_69]

Something that occurred to me when I installed wordpress on a new site was actually just mentioned on gigaom.
Link to gigaom story

Basically, the wordpress theme that you install may very well contain code set to execute at a future time, turning your site into a spambot.

Q: Where did your wordpress theme come from?

I'm always on the hunt for new WP themes, but now I'm gun shy about installing themes I find.

Any recommended-safe sources?

[nolimits4]

that why they say to get official wordpress themes from wordpress

[Cozy Monica]

The official themes are so boring and often difficult to customize because they aren't quite right.

I've always wondered if this was a risk though, and I'm betting it gets more and more common all the time.

[phuckbunny]

The other day I was checking where my visitors are coming from for one site. One of the search strings was something like XXXX...fill in the blank porn star + xanax. Sure enough one of my posts about said porn star came up in the top ten, yet I have never mentioned xanax in my blog once. Seemed like some type of hack and I was wondering myself how to investigate it. I have spam karma installed but this was odd.

There are a bunch of places to find good themes though for free if you do research, it's just soooo boring trying to find a good one and just as boring to use the boring themes from the WP site... A few reputable designers come out with new themes periodically though which are hack proof.

But that is something to think about, and I have no idea what was going on with the xanax thing.

[razor]

PB, Could be referral spam, they hoping you will click on the link.

I often get links from AFF in mys stats with an affiliate code.

[Cozy Monica]

If you use Firefox, open up the main page of your blog, then click on Tools, Page Info, and Links. It will list ALL of the links found on your site and you can look and see if there's anything inserted into your page that you didn't choose to put there.

That way, you can see things that might be hidden by code or color.

[mynameisjim]

Quote:

Originally posted by Cozy Monica
If you use Firefox, open up the main page of your blog, then click on Tools, Page Info, and Links. It will list ALL of the links found on your site and you can look and see if there's anything inserted into your page that you didn't choose to put there.

That way, you can see things that might be hidden by code or color.

I'll be damned, one of my oldest blogs had been hacked with a ton of pharma spam links.

I'm almost afraid to remove them because it's doing so good in the SERPS...LOL!!

Actually, that was the second blog I ever made and I never updated the wordpress version. Maybe I should.

[sunfunbill]

Well I guess mine seems ok, and it was a theme I got elsewhere than WP themes.

Yes the official themes are hard to work with, and boring. I have done so much so fast with the one I have now. It's lightweight, loads fast and easy to figure out.

In fact I'm going to download all the ones this place has so I have them before they stop making them, or do decide to put links in them!

[mynameisjim]

Turns out my theme wasn't hacked but I didn't really think that was the problem.

There is an exploit with older WP installs in the links.php file were people can insert links into your blogroll.

Just thought I would post this if anybody is running older versions.

[January]

This is a good example of why you should look through any new theme's code very carefully before going live with it. This is a good idea, anyway, since (in my experience) a lot of themes that you can download aren't totally finished, or, at least, don't display consistently on all blog pages across all major browsers and operating systems. And then themes not specifically designed for adult blogs can almost always benefit from tweaking of one form or another.

I've encountered themes before where some of the code provided is encrypted (often using base64, FWIW). This usually seems to happen where the theme designer has some affiliate links in the footer that they don't want users of the theme to remove. But, as noted, that code could just as easily have been designed to change to something more malicious at any point.

Personally, I wouldn't upload a theme that contained any code that I couldn't read or edit.