The dream of every blogger and aspiring webmaster is to have a professional website with standard design some of which are not available in most free wordpress themes, however the noobs out of ignorance go ahead and search for free premium wordpress theme, nulled wordpress theme, wordpress premium theme free download...
A lot of paid stuffs are freely available online for free download, 97% of which the sources are unknown, so before you even think of getting paid wordpress theme for free, ask yourself the source of the theme and plugin you are downloading, why was the theme nulled and given out for free, and maybe just maybe you will consider buying premium theme rather than causing unnecessary damages to your website.
Check This Out: Step By Step Guide on How to Trade Forex
Lets face the fact, Nulled theme or plugin can break or damage your site/blog beyond repair, do not listen to any website that claims the theme or plugin is malware free even after scanning the theme, it's still advisable not to use it for your own good as this can cause your site a whole lot of irreparable damages, Check out the image example below of damages caused by nulled theme
So he contacted Chigozie and narrated the whole incident, He worked on it for some hours trying to figure out the malicious codes and This was what he found inside.
Check This Out: Simple trick to Fix Android Wi-Fi Connection
The dream of every blogger and aspiring webmaster is to have a professional website with standard design some of which are not available in most free wordpress themes, however the noobs out of ignorance go ahead and search for free premium wordpress theme, nulled wordpress theme, wordpress premium theme free download...A lot of paid stuffs are freely available online for free download, 97% of which the sources are unknown, so before you even think of getting paid wordpress theme for free, ask yourself the source of the theme and plugin you are downloading, why was the theme nulled and given out for free, and maybe just maybe you will consider buying premium theme rather than causing unnecessary damages to your website.
Check This Out: Step By Step Guide on How to Trade Forex
Lets face the fact, Nulled theme or plugin can break or damage your site/blog beyond repair, do not listen to any website that claims the theme or plugin is malware free even after scanning the theme, it's still advisable not to use it for your own good as this can cause your site a whole lot of irreparable damages, Check out the image example below of damages caused by nulled theme
The below snapshot was a snapshot shared by Chigozie, a snapshot he took from a website he was working on, the theme name is ZOX-NEWS wordpress theme the owner ignorantly downloaded the theme online (some websites was claiming it's a premium theme for free) and since he doesn't know the risk he's about to take, he couldn't find anything wrong with getting himself a premium theme for free so he downloaded and installed it on his site and have been using it for quite a while now, so as time goes on and his traffic increased, the attacks started coming in, this affected all popular post on his blog, once a visitor click on any popular post the visitor will be automatically redirected to another website.
So he contacted Chigozie and narrated the whole incident, He worked on it for some hours trying to figure out the malicious codes and This was what he found inside.
Check This Out: Simple trick to Fix Android Wi-Fi Connection
What Happens When You upload a Malicious Wordpress Theme
Most common wordpress malware hack is Wp-vcd, wp-vcd is a malware that are are able to help hackers exploit vulnerability that can allow them access your site through backdoor, Once the malicious theme is uploaded, wp-vcd malware creates Spam URLs on the website (also often referred to as URL Injection)
How to know if your site is infected with wp-vcd malware?
- Check your user roles, if a new WordPress Administrator has been added without your knowledge then it's obvious your site has been infected with Wp-vcd Malware
- A spike in SEO spam, you will notice your spam score and spam backlinks has increased rapidly (This are often from Chinese or Japanese Pharma spam links)
- Popular post or pages on your website are being redirected to some shady websites
- Unknown JavaScript code in the source of your website and PHP files in wp-includes folder which are not there in the WordPress GitHub repository
- Your web hosting provider may suspend your WordPress account because of wp-vcd malware, this is necessary to protect attack on other websites from the attack (Especially if you are using shared hosting)
Stay safe and stop using nulled theme or plugin, free wordpress theme from wordpress directory or from the official site is better to use than causing damages to your website.
2 Comments
WTF is "plugging"?
I've had similar experience before, you're right we need to be absolutely careful