There are currently some web articles warning of how some WordPress themes have code within them that installs malware onto the web server and functions.php file contains base64 encrypted code that when decrypted, shows spam links.

Ottopress has published an article with examples of where to look for compromised code.

Full article at:

Ottopress recommend getting your free themes from Extend-Themes instead.

WordPress Theme Malware Prevention and Protection article at: