Nulled software is frequently distributed by malicious actors, not philanthropists. When a developer "nulls" a script, they must modify the core code to bypass the license verification. This process creates a prime opportunity to inject malicious code.