Hello, it has came to my attention recently that hackers have been ravaging my servers, I’ve witnessed a music exploit, and, seen screenshots of random parts laying around ingame. Sometimes coupled with the music. Players have also said “the total ultimate destruction of the map” Has occurred, I have not witnessed this nor seen any screenshots.
My remotes are secure to my knowledge, they do not have free will to create parts/sounds.
I’ve checked for usual keywords of backwoods, like require, getfenv, etc. Nothing came up.
Is this normal? Do I have to create a anti-exploit or is there something else going on here?
Have you used free models in your game? Always check if they contain scripts and what those scripts do. Also check what kind of plugins you have installed in studio.
Your remotes shouldn’t be a problem unless you create new instances on the server through them. Keep in mind that they can send whatever they want through the event. If exploiters can insert sounds in the (server) workspace that is a serious problem likely caused by a backdoor in your game. Have you checked all your scripts? There exist plugins that get all scripts and you can delete them if you don’t recognize them.
check some of your own code, and loop over game:getChildren() to find any hidden scripts. Some plugins insert backdoor code inside random scripts inside serverScriptService and such.
Exploiters use your remoteevents to exploit an example is a carsound remote. If the sound ID is an argument you can exploit it and use an other ID for example.
FE is forced on to all games now and with that being said, the hackers are probably firing the remote events to do some sketchy things… I don’t believe theres an executor server sided unless you have loadstring enabled