Exploiters targetting our game with alarmingly malicious scripts

An exploiter/exploiter group keeps targetting our game with (a) script(s) he claims to do the following:

We’re not sure what to do as these are obviously bordering malware and we cant really stop them since we dont know how they’re doing these. Any suggestions?

1 Like

I’d be happy to help if I can. Have you actually witnessed it or are you just taking word for it? Taking word of mouth from exploiters is always a bad idea unless you have concrete evidence of it in your game on Roblox

Server Crashers work by spamming remote events in your game. I figured this out a long time ago because when you learn how Roblox works you realize that is how you communicate to the server. Trusting the client is always a bad idea. Remote functions can also be malicious. You can make exploiters life a nightmare if you are like me and know how to protect them but I would not share the code here because they will gladly take it from this thread and find ways around it

2 Likes

he sent a screenshot of people’s data allegedly having their data wiped (everyone in his server displayed zero wins)

we’re unsure if its a client sided edit or not… although he did have a server crasher by spamming remotes a while ago, we’re fairly certain we patched that by adding a remote event limiter (however it can false flag if you’re laggy enough…)

He pretty much cannot do anything unless your game is backdoored already.

1 Like

I would recommend keeping HTTP Requests off, I’m not entirely sure how it all works but from experience it’s kept my games safe. If more happens with these exploiters, I would bring Roblox up on it as soon as possible.

1 Like

Do you have access to the source code shown in the screenshot? It might be possible to deobfuscate the code provided. As mentioned by other people exploiters can not access things like your games data stores unless you have an underlying vulnerability in your games code or your game is backdoored. A first step to checking for backdoors is searching for mentions of getfenv() or require() in your scripts. Most backdoors are sophisticated enough to get around simple searches like this though so you’ll probably have to go through all your scripts. Backdoors also like to hide their code behind comments and large amounts of spaces to make recognising them at a glance harder. Keep an eye out for a suspiciously large horizontal scroll bar in the code editor while editing scripts. Lastly, make sure all your plugins are from trusted sources. Infected plugins can automatically add backdoors to your game and modify existing scripts as far as I’m aware.

1 Like

Most of these are related to remotes that give clients too much freedom and potential backdoors. Ensure that you’re performing checks on the variables a client passes to the server, apply rate limits, etc. Also ensure that no backdoor is present on the backend and not a single of your game devs that has edit access for the experience has a malicious plugin installed.

Lastly if you’re an experienced coder and have access to said malicious script you can find the answers you’re looking for there. No matter how obfuscated a script is it can always be cleaned up because it doesn’t rely on any secrets the script itself doesn’t know, else it wouldn’t be able to run the code within it.

I don’t recommend going after the exploiters who write said scripts, they’re literally telling you how to make your game better. They also force you into implementing good practices, for example data backups for each user so you can revert their data in case its lost.

if the players’ names in the screenshot are there, you can try to maybe “interrogate” them to see if it actually happened on their side too which will help you determine yknow the outcome

Unfortunately when i checked they were all offline on roblox, and we checked if their Roblox account was linked to our discord server (via a bot) and they didnt show up there either.