Found this article from Derek Punsalan’s blog 5ThirtyOne.
Templates Browser dot com is collecting WordPress & Joomla public themes and modifying them by inserting hidden spam or malware links that can compromise the end user then re-distributing it in their site. These spam and malware links are inserted in a functions.php file that comes with each theme download.
Derek’s popular WordPress theme 5ThirtyOne V2 is one of the themes being re-distributed by Templates Browser. Other themes in their list include the Fresh theme by iLemoned and the NotSo Fresh theme which I previously used here in my blog.
If you’ve recently downloaded a WordPress or Joomla theme from Templates browser, make sure you don’t use it and download a clean version from the theme’s original source. That’s why it’s always a good practice to download themes from reliable sources or directly from the author’s homepage or theme homepage.
Please help spread the word so other WordPress & Joomla users would be aware of this. Visit Derek’s post and Digg it.
Written by 
*Don't forget to verify your subscription by clicking the link on the email that Feedburner will send you.*
February 26th, 2008 at 10:25 PM
@webslave – You’re welcome! Just doing my best to spread the word and warn users. Yup, we really should be careful on what we download or install on our blogs. :)
Daghang salamat sa imo pagbisita sa akong blog. ;)
February 26th, 2008 at 10:21 PM
tsk..tsk.. thanks for that infos… *sighs* now i know.. i should be careful.
daghang salamat sir!! :mrgreen:
September 12th, 2007 at 11:02 AM
@Gary – Oh okay, that’s good. You’re welcome! :)
September 12th, 2007 at 10:42 AM
Thanks, Jaypee, but I changed the template back to a safe one.
:grin:
September 12th, 2007 at 6:30 AM
@blogOloco – Yup, we really should be cautious and vigilant when it comes to these type of issues. I always remind my readers to only download themes or plugins from reliable sources.
I’m using Firestats for that. You can download it here.
September 12th, 2007 at 5:59 AM
It’s good that you highlighted this issue. It’s something that you would be cautious on. Make sure you don’t download anything from a dodgy site especially. Themes and Plug ins both can be targetted definitely. They will try whatever they can.
OTT – i’m interested with your location avatar that show up beside the user comment. could you tell me where to download it. cheers mate.
August 17th, 2007 at 10:30 AM
@Gary – It does seem to be intermittent but if Google finds out that your blog is linking to spam blogs, you might get blacklisted. Better safe than sorry. :)
August 17th, 2007 at 9:39 AM
I found this post after looking through my generated page code for Joomla! and found various links to University porn stashes.
However, it seems to be intermittent?
August 8th, 2007 at 5:14 AM
@Connie – You didn’t specify kasi so I was left to speculate. LOL :D
August 8th, 2007 at 2:51 AM
Hoy, Jaypee, ang dumi ng isip mo ha. “Dila” and ibig ko sabihin mwahahahahahaha
August 8th, 2007 at 12:32 AM
@Connie – Ganun ba? Eh pano kung babae sila, ano yon puputulin? LOL :D
Maybe we can start another mob to get rid of sites like this. If you already started one, let me know so I can join. :)
August 7th, 2007 at 8:49 AM
Uy Jaypee, I meant “putol” elsewhere hahahaha
LOL @ Ajay. Don’t you just love it? I was very proud to be part of the mob that got the WP themes with sponsored links off the WP site. hahahaha
August 7th, 2007 at 8:00 AM
@ajay – I don’t think my post was the one that spawned the “local” thing or is it? Or maybe you’re referring to the issue that’s involved in this post? Sorry, I’m a bit confused. Hehe :D
August 7th, 2007 at 7:48 AM
Didn’t quite realize that this post has spawned an even bigger controversy locally . Shame on these Pinoys!
August 5th, 2007 at 7:45 AM
@Riz – My bad. I wasn’t able to explain it well coz Twitter limits the number of characters per message.
The only way to fight them is to tell other WordPress users about it so they won’t download from that site again. Maybe you can post an announcement on your blog about it so those who use your themes would know.
August 5th, 2007 at 3:03 AM
Ohhh okaay. I didnt understand your twit. I didn’t realize it was redistributed with spammy links. arrg. Tsktsk. Is there any way we could take the themes out of their database? Arrg. Screw these people!!
August 4th, 2007 at 3:00 AM
@Connie – Some people use their talents into bad use. I agree, dapat nga sila putulan. Putulin ang mga daliri para hindi na sila pwede mag type ulit or mag modify ng mga themes. :D
August 4th, 2007 at 2:43 AM
Anak ng tinapay! Di pa nakotento sa spammy links sa footer. Dapat talaga sa mga yan, putulan.
August 3rd, 2007 at 11:00 PM
@jhay – Engenuity taken to another level. Really nasty indeed!
August 3rd, 2007 at 10:58 PM
Talk about engenuity right? Nasty evil-doers.
August 3rd, 2007 at 2:15 PM
@Elizar – Make sure you only download from the theme author’s site or from a very reliable source. You’re welcome!
August 3rd, 2007 at 2:09 PM
OMG! I am actually looking for a joomla template! geezz, good thing i’m still using the default one….
hope the one i download is clean..
thanks for posting this man! ;)
August 3rd, 2007 at 11:30 AM
@Joni – I know. Some people will do about just anything just to make money. I sure hope those people who downloaded themes from that site would be alerted before it’s too late.
August 3rd, 2007 at 11:25 AM
Tsk tsk! These people have nothing better to do! I feel sorry for those WordPress and Joomla users who made use of the modified themes with hidden links and malware.
You’re right, WP users should just download themes directly from the author’s website. Themes.wordpress.net is reliable website too.