I need all of the best ways to detect viruses and backdoors

So I’m potentially looking into creating a plugin that’ll scan your game’s entire code and point out potential viruses and backdoors. What are some of the best ways to detect viruses and backdoors? I’m looking for as many potential things to look for to make a very powerful plugin. All contributions are greatly appreciated!

2 Likes

You could create a plugin that scans for use of methods such as getfenv and loadstring, as well as require, as this is the typical method of attack by malicious actors (although there are legitimate use cases for these methods). Additionally, you could scan for suspicious patterns that appear to be obfuscation tactics.

Honestly, this has already been done and the best course of action is to be intelligent with what free assets you use.

1 Like

It’s not even an issue w/ free assets. Someone on your team could one day insert this backdoor (either intentionally or unintentionally). A chain is as weak as its strongest link. I personally don’t work with anyone but people that do have an issue where even if they are the most security conscious it’s useless if their partners are not the same way.

The best thing to do is have a plugin that scans the game every time you hop on and will alert you right away. Getfenv, loadstring, and require seem to be the best ways. But what kind of content inside those required scripts could I scan for to tell if it’s a virus or backdoor? I do know that every free model backdoor has to send a webhook to know what game is infected so that’s a good way to tell. What are some other things that may be inside a backdoor’s backend?

In addition to getfenv and loadstring, keep an eye out for obfuscation.

Typically, you’ll find this present on one line and it will look like a bunch of nonsense.
Removing it should do the trick, but it can be present in any script.

You can rest a bit easier knowing that Roblox Studio 2.0 has built-in features to prevent hiding spots of malicious instances:

“Common viruses will use hidden game services such as Timers or Geometry instances. Others may use joint objects like Welds, Glues, RotateP’s or RotateV’s. These classes are not hidden in Roblox Studio 2.0 and thus the malicious scripts can be easily discovered and removed.”

Viruses used to be much harder to detect in Roblox’s infancy, but now it is easier. Just be sure you are getting your plugins and models from reputable sources and you should be fine.

2 Likes
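
The indicators raised across the replies above (getfenv, loadstring, require, outbound web requests, and single-line obfuscation) combined into one heuristic pass over a script's source text. This is an added example, not code from any poster or from an existing plugin; the rule names, thresholds and sample script are constructed assumptions, and it assumes a plugin would feed it each script's `Source` text. Hits are leads for manual review, since the thread notes these calls also have legitimate uses.

```lua
-- Heuristic scanner for one script's source text (plain Lua, no Roblox APIs).
-- Rule ids and thresholds below are assumptions chosen for illustration.
local RULES = {
  { id = "getfenv",       pat = "%f[%w_]getfenv%s*%(" },
  { id = "loadstring",    pat = "%f[%w_]loadstring%s*%(" },
  -- require() with a bare numeric argument pulls a module by asset id
  { id = "require-by-id", pat = "%f[%w_]require%s*%(%s*%d+%s*%)" },
  -- outbound HTTP calls and hard-coded URLs (the "webhook" indicator)
  { id = "http-send",     pat = ":PostAsync%s*%(" },
  { id = "http-send",     pat = ":RequestAsync%s*%(" },
  { id = "url-literal",   pat = "https?://[%w%.%-]+" },
}
local MAX_LINE = 400    -- assumed cutoff for "whole payload on one line"
local MAX_ESCAPES = 16  -- assumed cutoff for "\108\111..." style strings

local function scan(source)
  local findings, n = {}, 0
  for line in (source .. "\n"):gmatch("(.-)\r?\n") do
    n = n + 1
    for _, rule in ipairs(RULES) do
      if line:find(rule.pat) then
        findings[#findings + 1] = { line = n, id = rule.id }
      end
    end
    -- Obfuscation heuristics: very long lines or many decimal escapes.
    local _, escapes = line:gsub("\\%d%d?%d?", "")
    if #line > MAX_LINE or escapes > MAX_ESCAPES then
      findings[#findings + 1] = { line = n, id = "obfuscation" }
    end
  end
  return findings
end

-- Constructed sample input, not taken from a real asset.
local sample = table.concat({
  "local Players = game:GetService('Players')",
  "local m = require(1234567890)",
  "local f = loadstring('" .. string.rep("\\108", 20) .. "')",
  "local env = getfenv(0)",
  "print('hello')",
}, "\n")

for _, f in ipairs(scan(sample)) do
  print(("line %d: %s"):format(f.line, f.id))
end
```

The patterns also match inside comments and string literals, so expect some false positives.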
