That’s unfortunate. Do you know if you were using any free models, and what they were if that was the case? It might also be from a plugin you have (even if it is by a “trusted developer”, it still could contain something that is injecting the backdoor into your game’s code).
EDIT: You could also try using Ctrl + Shift + F and searching for usages of InsertService instead; they might be using it to insert the backdoor as an ordinary script when the game runs.
Still, when we try to search for the module ID of the backdoor, nothing shows up, which is really weird. The people who backdoored the game want nearly 50K Robux for them to tell us how to find the backdoor in the game.
We already checked these words and we cannot find the module ID of the backdoor, which is really weird. They used a “private method” to hide the backdoor, and that’s why it is very well hidden.
First of all, do NOT fall into their blackmail attempt, that only leads to further issues.
I have a few things
Does the game use an admin system, if so, what is it?
Some common keywords used in obfuscation:
- = require
- .load(
- game
- setmetatable
- string.char
- table.concat
- getfenv
- setfenv
Server Scripts cannot hide in hidden services or obscure locations. They can only run in Workspace or in ServerScriptService, Roblox made this change not too long ago.
I am very interested in helping you get rid of this backdoor, as nobody should have to pay 50,000 to a few annoying exploiters.
Have all of your developers checked their plugins, just in case? Also, a common thing may be that a script goes on for a good while (scroll down to the bottom of that script, then there should be a vertical scrollbar; if that continues, go all the way to the end of it, there could be hidden code).
This is typically the cause with something called “RoSync”. They say that the script was last synced at a specific date, but then if you scroll all the way to the side, you get a loadstring containing malicious code.
The plugins that spread the serversides are usually impersonating known creators with groups or similar usernames. Check your plugins and their creators. Also check the plugins of everybody who can access the studio. The reason why you might not be finding it is that there are a couple of serversides that do not use "getfenv" or "require" to spread the serverside.
Please contact me in Discord through Tiitus#3617 if this does not help you at all.
Isn’t there a getfenv that comes right before obfuscated text?
Either way, I’ve checked out the asset that the script requires. It doesn’t seem to be for sale, and if I remember correctly (may be wrong however) require only works when a module is set for sale.
I’m guessing the people who orchestrated this are planning to activate it if you don’t pay up.
Anyways, you should probably delete that script.
Another note:
I’ve heard that some people like to obfuscate their code to prevent theft, especially with long scripts like these, and based on its contents this may be the case.
I’m guessing that since this is being posted on the devforum, they are taking it offsale so people smart enough wouldn’t try to “crack” the source to the backdoor.
If you have a backup and/or save, overwrite the save to the main game, or if you don’t, set the game to an older version or use an auto recovery save. It might not get rid of the backdoor fully, but it should remove all the damage until the person who backdoored you strikes again. In that window of time, delete all plugins, use Ctrl + Shift + F to find all require functions or whatever they are called, and delete/edit the scripts that have them.
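The checks suggested across this thread (the keyword search, InsertService usage, and code pushed far to the right of a line or past the end of a script) can be run in one pass over script sources exported from Studio as text. This is an added example, not code from any poster; the export format (a mapping of script path to source), the 300-column and 40-space thresholds, and the sample scripts are assumptions constructed for illustration.

```python
import re

# Patterns taken from the thread's advice; labels are for the report only.
PATTERNS = [
    ("require of a numeric asset id", re.compile(r"require\s*\(\s*\d+")),
    ("loadstring call", re.compile(r"loadstring\s*\(")),
    ("environment access (getfenv/setfenv)", re.compile(r"\b[gs]etfenv\b")),
    ("string building (string.char/table.concat)",
     re.compile(r"string\.char|table\.concat")),
    ("InsertService use", re.compile(r"InsertService")),
]
MAX_COLUMNS = 300                        # assumed threshold for a "too wide" line
PADDING = re.compile(r"\S[ \t]{40,}\S")  # code, long whitespace gap, more code


def scan_source(name, source):
    """Return (script, line_no, reason) tuples for one script's source text."""
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        for label, pattern in PATTERNS:
            if pattern.search(line):
                findings.append((name, line_no, label))
        if len(line) > MAX_COLUMNS:
            findings.append((name, line_no, f"line is {len(line)} columns wide"))
        if PADDING.search(line):
            findings.append((name, line_no, "code hidden after whitespace padding"))
    return findings


def scan_all(scripts):
    """Scan a {script path: source} mapping and return all findings."""
    return [f for name, src in scripts.items() for f in scan_source(name, src)]


# Constructed sample scripts (not from the affected game); the asset id is a placeholder.
SAMPLE_SCRIPTS = {
    "ServerScriptService.Rounds": "local M = require(script.Parent.Config)\nM.start()\n",
    "Workspace.Model.Sync": "-- last synced" + " " * 400 + 'loadstring("PLACEHOLDER")()\n',
    "Workspace.Tool.Handler": "print('ok')\nlocal m = require(0000000000)\n",
}

if __name__ == "__main__":
    for script, line_no, reason in scan_all(SAMPLE_SCRIPTS):
        print(f"{script}:{line_no}: {reason}")
```

A hit is a line to read by hand, not proof of a backdoor: legitimate scripts also use `table.concat` and `InsertService`, and a clean result does not rule out a malicious plugin re-inserting code later.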