PSA: Marketplace Asset Removals

That error comes from Kohls Admin. It happens everytime you close a playtest when you have it in your game.

This is a good first step, but there are several groups that have bots uploading assets to the site that contain malicious backdoors. Is anything going to be done about these groups? They tend to upload hundreds of modules, all requiring eachother in a big chain to hide their source code, which is also obfuscated. I would suggest making obfuscated code against the Terms of Service but that might be hard to do, and a simpler solution might be to limit the amount of modules that can be required in a row. I don’t know why any legitimate program would use more than maybe 10 to be generous.

1 Like

That update has got my account, and some other innocent accounts terminated without any notice nor a warning, I myself didn’t upload any malicious assets nor models.

Will require executors places be removed too?

This is great! As long as this wont result in a lot of falsely flagged items then this will improve the marketplace a lot.

Nice to know Roblox is taking proper action for awareness! However, I don’t really think Venom is a good choice for users to use as its not only old, it isn’t up to date in the sneakiness of backdoors these days. Though its the developers choice if they want to use it.

GameGuard Anti Virus V2 [ALPHA] - Community Resources - DevForum | Roblox
GameGuard has proven to be a much better option from experience, but its always best to manually check your scripts rather than rely on plugins.


I found more backdoors in free models using the keyword, “getfenv”. They use this global function to obfuscate tons of things.

Thank you. Simply put: thank you.

Maybe please show us a list of malicious scripts, so we can delete those that are actually malicious in-game instead of just removing some scripts that may be needed.

Yeah. You should also look for “require” and “MarketplaceService” and “TeleportService”.

You can press

Ctrl + Shift + f

to find look for a keyword in all scripts :wink:

In all due respect,

Preventing obfuscated code is really the worst thing Roblox can do right now. The best solution to backdoors is preventing botting. If they cannot bot models or plugins, it’ll be coniderably harder to get “games” under their infection.

The 2nd worst thing they can do right now is require captcha when adding assets to a game, please don’t do this Roblox.
Add like a Anti VPN and Proxy.

1 Like

Is this complete? Because if it is, it didn’t to a good job.
Still also getting teleported in an old game.

Roblox I am very disappointed in your moderation, you literally just terminated MILLIONS of innocent developers including myself. SHAME, SHAME ON YOU ROBLOX.

1 Like

Exactly what happened to me. Roblox has very poor moderation and I lost a lot of hard work.


I really like that Roblox has put the time into doing this. However, I have still noticed a few model viruses even after the “Marketplace Asset Removal” project. Despite the viruses that are still on Roblox, I think Roblox did the right thing.

This Is A Good Update. Almost All Of My Old Games (2018 - 2019) Are flooded with viruses. Almost all toolbox models i found had at least 1 virus in them


LOL, im scared to look at my projects from 2012 for this very reason, younger me was a lot more unaware of those types of things.


If the assets were malicious anyway then nothing of value to anyone was lost

They already do that! Sometimes they hide them quite well

1 Like

I now can NOT find my assets that are NEEDED for my game and have the require id 3472854229 that is NOT malicious in any way. The modules in my game are not malicious. Please revert this annoying change. If you did, it would improve my development experience. Most of the assets I use in my games HAVE BEEN HIDDEN, not removed from the marketplaceapi. No offence but put back all assets that have require() in their scripts because finding models that have a mainmodule with a require() are really impossible to find if they are onsale. Roblox probably thought every asset that had a require(X) were viruses/backdoors and is 1000% false. This should be reverted ASAP so my deving experience can be easier.

Could there at least be a setting to hide malicious models in the toolbox, instead of forcing them to be hidden? This could improve a developers experience.

Great, all of my hard work with require(asset id), not malicious, has been lost…