I just found out that two of my downloaded free WordPress themes had links to websites that I did not authorize. At first I found this on http://www.liebwerks.com and thought it was caused by a virus. But actually I installed this theme myself and never checked it!

In the footer.php there was a link to a website I did not put in there. It was hidden in a base64_decode() php function so when editing the file you can’t see what it is actually doing until it renders on your WordPress page.

Here is a good article on the this problem:
http://www.tech-evangelist.com/2010/06/16/beware-free-themes/

I keep setting my (somewhat lame) Biker theme in WordPress and when I come back a day or two later its back to “Default” again!!!  So annoying!!  Anyone know why this is happening?