Siobhan Ambrose went looking for a WordPress theme; of the top ten free WordPress theme sites listed on Google, eight had hidden, obfuscated, or encrypted code buried in them that rendered spammy keyword links that were part of a deceptive search engine optimization scheme; in some cases, Siobhan couldn't figure out what the offending code did and speculates that it might contain malware. Of the remaining two, one hosted themes that didn't validate. The remaining site, WordPress.org, is the only site in the first ten Google results for "free wordpress theme" whose themes don't contain deceptive backlinks, obfuscated code, or non-validating themes.
Exploit scanner came up with 17 severe warnings for this theme. Since there are only 4 links showing at the bottom I think we can assume that this theme is either packed full of hidden backlinks or there is something else going on.
(Thanks, Fipi Lele!)
- What's wrong with Search Engine Optimization – Boing Boing
- Killing BadWare via a Community – Boing Boing
- Senator's campaign website suffers search-engine death penalty for …
- Times.co.uk caught spamming social sites – Boing Boing
- Did eBoost Media customer service rep call customer a faggot …
- What's right with Search Engine Optimization – Boing Boing
- Spammers discuss breaking Craigslist verification system – Boing Boing