1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Wordpress Theme/plugin malware

Discussion in 'Blogging' started by rreeve, Feb 3, 2011.

  1. rreeve

    rreeve Newbie

    Joined:
    Apr 8, 2010
    Messages:
    47
    Likes Received:
    11
    Yesterday I downloaded a premium theme and plugin called WP-Answers from BHW. The theme an plugin looks great because it turns a wordpress blog into a website like Yahoo! Answers. It also scrapes question and answer content from the real Yahoo! Answers that relate to the keywords you pick. Its the perfect sollution for me however I worried that it may contain malware.

    This products real website is here: wp-answers.com and as you will see it costs $89 to buy. (sorry, I'm not allowed to post urls yet)

    Here is the BHW thread where I got my version: blackhatworld.com/blackhat-seo/black-hat-seo-tools/276630-get-wp-answers-plugin.html
    and as you will see, it enables you to download the theme and plug for free from a MediaFire account.

    I obviously have no proof that this theme/plugin contains any malware but I do know there is a real risk when your not downloading from reptuable sources. Can someone here please tell me how I can check for Malware because as I said its the perfect sollution for me and I don't want to have to pay $89 for it.
     
  2. BugFixed

    BugFixed Junior Member

    Joined:
    Sep 24, 2010
    Messages:
    130
    Likes Received:
    39
    Extract it local directory/folder.
    Scan that directory using some anti virus, malware scanners, trojan scanners.
    Or upload it by yourself to virustotal

    The last thing, if you still not statisfid, check each php codes one by one.
     
  3. haridada

    haridada Senior Member

    Joined:
    Oct 9, 2008
    Messages:
    996
    Likes Received:
    382
    Location:
    Chennai
    Since you've already downloaded the file you mentioned, just upload it to virustotal.com and check whether the file is infected with malware or not.

    Scan with the antivirus you've got in your computer.

    infact if you actually see the post where you downloaded wp-answers from the download section, there is a virusscan report which says VT scan report 0/43 which means there are no virus / malware.
     
  4. cyberzilla

    cyberzilla Elite Member Premium Member

    Joined:
    Nov 15, 2009
    Messages:
    2,204
    Likes Received:
    3,364
    Location:
    zeta reticuli
    Nothing to worry because here Virus scan is mandatory for themes. OP posted VT scan for that share and it is clean. If you are not satisfied with that, you can use a plugin called
    Theme Authenticity Checker


     
    • Thanks Thanks x 1
  5. Sonat

    Sonat Junior Member

    Joined:
    Sep 15, 2009
    Messages:
    116
    Likes Received:
    553
    Occupation:
    Try to be an good IM
    Location:
    International Area
    Shared right here:
    Code:
    http://www.blackhatworld.com/blackhat-seo/blogging/264628-wordpress-tac-plugin-theme-authenticity-checker.html
     
  6. rreeve

    rreeve Newbie

    Joined:
    Apr 8, 2010
    Messages:
    47
    Likes Received:
    11

    Thanks thats great. How about plugins though? Is there something simular thats able to check plugins in this way?

    I have done my own checks with VirusTotal but this is not full proof.