WordPress & Joomla theme users beware!

Thanks to Milo for giving me the heads-up concerning the discomforting news which targets WordPress & Joomla users.

Templates Browser is re-distributing public blog themes which are modified in such a way as to exploit the end user by inserting hidden spam or malware links. A quick search concerning the website pulls up the following links on AboutUs, Joomla forums, and Onnoot – here & here.

The links are inserted via an additional functions.php file which is included with the theme downloads. If you’re shopping around for public themes, I strongly recommend that you download directly from the original authors website.

Unfortunately, one of my own public themes – 5ThirtyOne V2 – is one of the "dirty" themes that has been modified and is currently being redistributed.

Spread the word and inform other WordPress & Joomla users – Digg this.

Take Care of your Hosting Issues

Make sure you have safe and secure hosting for your website. Sometimes unix web hosting is a more secure option, so do your hosting research before paying the big bucks. Take care of your website hosting issues today!

Discuss - 68 Comments

  1. […] days back, I read 5thirtyOne reporting about TemplateBrowser re-distributing WordPress Themes (and Joomla Templates) and adding […]

  2. […] then you should check your theme files for some malicious codes. This issue was first raised by Derek of 5ThiryOne (via JaypeeOnline) which hit Digg’s frontpage the other day. One of Derek’s free […]

  3. […] distribution site called Templatesbrowser dot com. I intentionally do not link to them. They are showcasing various authors’ themes and providing direct downloads for them. To make things much worse, they have added code to the […]

  4. […] deze omweg begint nu ook eindelijk de WordPress-wereld wakker te worden, lees bijvoorbeeld dit en dit. Een nieuw berichtje op Digg krijgt opeens wel volle aandacht: al bijna 600 diggs: WARNING! […]

  5. […] you may want to read about WordPress and Joomla exploits that are being included in Themes offered on certain third-party […]

  6. attila szabo says:

    Also beware of computer viruses that can inject a malicious JavaScript code into your website. More information about this issue : http://w3net.eu/?p=46

  7. […] According to this, a website called Templates Browser has been redistributing third-party free WordPress and Joomla […]

  8. […] Browser (no, I won’t link to them) is re-distributing public blog themes which are modified in such a way as to exploit the end user by inserting hidden spam or malware […]

  9. […] Browser (no, I won’t link to them) is re-distributing public blog themes which are modified in such a way as to exploit the end user by inserting hidden spam or malware […]

  10. […] can read more info on the 5thirtyone.com site. They have this to say: The links are inserted via an additional functions.php file which is […]

  11. […] Browser (no, I won’t link to them) is re-distributing public blog themes which are modified in such a way as to exploit the end user by inserting hidden spam or malware […]

  12. […] and visitors. In August I was disappointed to discover that WordPress and Joomla themes were being redistributed with malicious code; code which would track your own visitors or allow for random ads to be served. Since being […]

  13. Igor says:

    I was hit recently with malicious theme code. Google black-listed my site as a malware distributor, I am still awaiting their review process to remove me from the database.

  14. Roel says:

    Any heads up on this matter? I have already installed malware anti-virus on my pc since I am planning to create a wordpress based blog. I have also checked the link given on this matter. Would highly appreciate your feedback.

    • Derek says:

      No updates per say… Just be aware of where you are downloading themes from. All that I can recommend is that any 5thirtyone themes be downloaded from 5thirtyone.com ONLY.