Every experienced WordPress user has come across Nulled-Warez plugins and themes, and to some of them, these may have sounded like a good thing to try.
In case you’ve downloaded one already, it is even more important to read what this article has to share.
‘Nulled’ is a tacky term to start with. People often associate it with hacked, cracked, or broken versions of different products, which is why there is no ground to believe Nulled WordPress themes are harmless.
Don’t be fooled by them
The truth is, attractive as the combination sounds, ‘premium’ and ‘free’ rarely go together in WordPress themes. Instead, odds are good that a quality theme you’ve been checking but couldn’t afford is free only because someone has inserted malicious code into it (see more information on malicious code and how to deal with it).
To make matters worse, this code is hidden inside an encrypted script that is difficult to detect. Once installed, the script pulls out data and sends it to its original developer, which will eventually harm your blog and disclose sensitive information. Basically, you’ll be dealing with a nulled version of an original script whose author protection has been removed.
This makes it imperative to choose only trusted developers and vendors, and to do a thorough check of the theme/plugin you’re using.
How to check whether nulled premium themes and plugins are harmful? How can they affect your website?
To begin with, nulled themes and plugins are illegal to use, so you may end up getting sued for making money with a product you didn’t pay for.
Another thing that may be severely affected is the quality of your website. Nulled themes and nulled plugins may work perfectly if we assume the harmful code is not there, but in all other cases, they will be destructive for the content you’re providing.
The detrimental effects of nulled themes (cracked WordPress themes) and plugins
Walk a bit in a typical developer’s shoes: Does it really make sense for you to upload cracked versions on Warez sites for the mere pleasure of sharing?
No. You’re doing so because there is an agenda behind it, and you’re looking to earn or to damage someone’s work.
Once the malicious script is installed on your website, it is used in a variety of ways:
– To pull off backlinks without you knowing about it.
– To install links from other websites you won’t even notice without the necessary PHP knowledge.
– To enter your wp-admin area and to take control.
– To upload viruses that will collect information and send it back to the attacker (user permissions and login data included).
Basically, the mere presence of malicious code on your website is harmful to your SEO (sometimes even 100%), and you may end up losing your good Google reputation because of it.
SEO implications of nulled WP Themes
At a point where our site has been hacked and we’re feeling frustrated and powerless, a question arises: What is it that inspires people to sit around bundling harmful code and releasing pirated themes?
Of course, there are still developers keen on helping others and sharing their work, but for most of them, the reasons are nefarious. As discussed previously, developers use pirated themes to inject malicious code into them, and sometimes even take possession of websites for certain black-hat SEO shenanigans.
How exactly does it happen? Hackers install low-quality links on your website/page, leading to pharmaceutical, betting, loading, and other questionable sites. From Google’s perspective, this means the site is used as a transitional platform to lower-ranked pages, and Google penalizes this as a black-hat SEO practice.
What happens next? Your Google rankings start dropping precipitously, and the engine is constantly asking you to rehabilitate the site. The task, however, is far from an easy one.
How are nulled themes used to make money?
Once the hacker has his code installed on your website, he automatically owns your admin access and uses it to earn money from Amazon, Adsense, and similar programs. This is because he now knows your Adsense and Amazon codes, and uses those instead of his own.
How to detect malicious code?
Once you’ve downloaded a theme or a plugin, your first task is to scan it for viruses and harmful worms. The results will rarely be positive.
Virus and Trojan check
Open VirusTotal.com (a popular file and theme authenticity checker), and use it to upload the zipped file and scan it. If you get a red signal, that means the file has been infected. Otherwise, you’re free to proceed to install it.
Plugins are in fact checked by another plugin for WP known as Exploit Scanner. Simply go to WordPress’s official website, and you can download it securely and for free.
Once you’ve installed it, go to Dashboard – Tools – Exploit Scanner, and activate it. In a few minutes the scan should be completed, depending on how many plugins you’re using.
Once done, the plugin displays a list of suspicious code snippets you can easily find in your WP repository using the search filter. Delete those immediately.
Obfuscated PHP codes check
For this one, you’ll need more time and at least some basic PHP knowledge. Unfortunately, attackers are hardly ever naïve, and they don’t write code you can read and understand easily.
In fact, even when you’re aware of the malicious presence, they will apply some clever tricks to stop you from solving the problem. For instance, you may note a call to base64_decode inside a call to the eval function, and that’s already a serious reason to be worried.
Let us make things a bit clearer:
When the code runs, base64_decode turns the encoded text back into a normal, plain text string of PHP code, and eval actually executes it.
If this happens to your theme, you should immediately decode the string, and try to figure out what its task on your website is. This won’t always be a problem, though, as some developers use this function as a connection back to them, in order to confirm that the theme is licensed as it should be.
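The check described above can be done without running any of the theme’s PHP. The following Python script is an added example, not part of the original article: it searches PHP source for the direct eval(base64_decode('...')) form mentioned here and decodes the hidden string so you can read it. The function names and the sample footer (with its spam.example link) are constructed for illustration, and other obfuscation styles are not covered.

```python
import base64
import binascii
import re
from pathlib import Path

# eval(base64_decode('...')), allowing '@', whitespace and either quote style.
EVAL_B64 = re.compile(
    r"""@?\beval\s*\(\s*base64_decode\s*\(\s*(['"])([A-Za-z0-9+/=\s]+)\1\s*\)\s*\)""",
    re.IGNORECASE,
)

def find_eval_base64(php_source):
    """Return [(line_number, decoded_text)] for each match; nothing is executed."""
    findings = []
    for m in EVAL_B64.finditer(php_source):
        line_no = php_source.count("\n", 0, m.start()) + 1
        blob = "".join(m.group(2).split())
        try:
            decoded = base64.b64decode(blob, validate=True).decode("utf-8", "replace")
        except (binascii.Error, ValueError):
            decoded = "<not valid base64>"
        findings.append((line_no, decoded))
    return findings

def scan_tree(root):
    """Scan every .php file under root (e.g. an unzipped theme): path -> findings."""
    hits = {}
    for path in sorted(Path(root).rglob("*.php")):
        found = find_eval_base64(path.read_text(encoding="utf-8", errors="replace"))
        if found:
            hits[str(path)] = found
    return hits

# Constructed sample: a footer.php with an injected spam link hidden in base64.
PAYLOAD = "echo '<a href=\"http://spam.example/\">cheap pills</a>';"
SAMPLE_FOOTER = (
    "<?php\n"
    "wp_footer();\n"
    "@eval(base64_decode('" + base64.b64encode(PAYLOAD.encode()).decode() + "'));\n"
    "?>\n"
)

if __name__ == "__main__":
    for line_no, decoded in find_eval_base64(SAMPLE_FOOTER):
        print(f"line {line_no}: hidden code -> {decoded}")
```

Point scan_tree at the unzipped theme or plugin folder before installing it; a decoded string that only contacts the vendor for a license check reads very differently from one that prints links or accepts commands.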
Just because a theme or a plugin is attractive and modern doesn’t mean you should get it at all costs. Make peace with the idea that good things are paid things, and avoid pirated versions completely.
Remember that pirated themes will never be displayed on Google. Instead, they will be offered on a suspicious website, and will be completely missing once you start a dedicated search to find them.
Think about it – Why would someone share his excellent work for free if he can earn from it? Generosity is rarer than you may think, especially with the bunch of infections that turned certain hackers into millionaires.
Here is a quick overview of the reasons to avoid nulled and pirated themes and plugins:
– There is nothing good or safe about piracy. If nothing else, it may happen that the original developer contacts the hosting provider and asks for the site to be suspended.
– More often than not, nulled themes and plugins are infected with malicious code, which gives the developer unlimited access to your website controls.
– There are no updates or customer support, as there are with paid-for themes.
– Your website may easily be linked to spam content and ranked poorly by Google.
We understand the temptation of seeing a beautiful premium theme available at no cost, but in cases like these, free may imply a compensation you’re not exactly willing to pay: your website.
Basically, nulled plugins and themes are often corrupted and packed with malicious scripts that can harm your work in a variety of ways, such as injecting bad links, using pages as backdoors to irrelevant content, making money, or even taking your website/blog down for good.
If you can, avoid nulled products completely. For both free and premium themes, try to download only from reputable websites and sources such as the WP directory itself.
For those who’ve already installed widgets of questionable quality, we recommend a thorough test for malicious code, such as scanning them with the Theme Authenticity Checker.