Scam Exploit ! (help on how to resolve?)

Sharing screenshots of the stuff that was posted in the game at the moment of joining.



If you are absolutely sure that this is not a backdoor, you may want to contact @Exploit_Reports.

From the looks of it being widespread and that people buy the shirt without comfirmation, this looks like a Roblox bug.

1 Like

Is this thing that is popping up in games instantly buying something? Does it pop up with the purchase thing?

2 Likes

I found out what happened if you press continue:

It is happening in many games, so it is a widespread issue. I also got that picture from the comment section of the item it is making everyone buy.

1 Like

We’re not sure, it could just be a backdoor. It is very late though for me so I will have continue looking through the code tommorow, we have disabled third party purchases so hopefully people havent been getting it anymore.

1 Like

I’m leaning towards this being an exploit rather than a backdoor as you said this is only occurring within some game servers and it would seem that quite a few people are having the same issue. Though, it’s still possible this could be the result of a malicious plugin, but I haven’t seen plugin lists from other users to confirm similar plugins amongst afflicted developers.

3 Likes

Here’s an update based on the information I was provided:

Someone, somehow, managed to edit the Roblox CoreScripts. So yes, this means that almost every game is going to encounter this issue. Countless amounts of people have been robbed of their Robux because of it. One individual in particular lost somewhere around 100k-500k Robux.

So no, this isn’t your fault, it’s a widespread issue.

3 Likes

Not to be annoying but is this information from a credible source?
I’d think if it was this widespread there would be more news from top games to be honest.

1 Like

Uh… who is this? I’m pretty sure the actual creator is sleitnick image

3 Likes

Yes that has been brought up already, we’re still looking through the code to find where it got down, but the plugin is already removed.

2 Likes

There are YouTube videos on this, but recently (and probably by no coincidence) an exploit managed to make people buy expensive items (made by the exploiter of course) just by clicking the “play” button. This took Robux from people without them even noticing. I’m going to assume that this is related to your (and many others’) problem.

1 Like

(post withdrawn by author, will be automatically deleted in 1 hour unless flagged)

Roblox Admins are probably aware of this issue, this is a Roblox scripting backdoor, even with no free models, plugins, etc. This is obviously a group of hackers who know what they are doing, if Roblox Admins look at this I hope they resolve this quick as this issue can grow to big games like BrookHaven, Adopt Me, etc with easy people to target who do not know better.

I think this issue is weird but as someone who has no idea on scripting this is just my opinion on this issue.

2 Likes

Let’s hope they are, or whoever’s running this can freely take people’s robux. Also, the shirt is made by a shady group.

1 Like

Try to detect the gui using a script and shut down the server or destroy it, this could be a solution

2 Likes

We havent had anymore reports since yesterday

Kicking players DOES work, Though it won’t show the kick message as the core guis crashed

1 Like

Theres quite a few replies and I’m not here to look at all of them haha, so I’ll just say what I think.

This is 100% a “virus” obtained from a free model or one of your developers (including you) have a malicious plugin that inserts this into every game they have access to develop in. Unless someone has a serverside backdoor in your game, this is not from a player, more a script.

This usually (in my case) redirects people to a Loading game where it would non-stop keep them in this game, I assume for Premium Payouts which they would get a hefty amount of robux from.

The best you can do is uninstall all unknown plugins from your account and ask your developers or anyone who has access to the game to do the same. Then spend about 2 hours just looking for unknown scripts, they usually nickname them something like RobloxCore or RobloxEngine, or Vaccine? I’m not sure on the backdoor trends these days lol.

If possible, start a fresh new baseplate and copy everything over that you 100% trust, and then try that, if that still does this, that means, you’ve got your hands on a convincing backdoor, just look through all them trying to see which one is doing this.

No client-sided exploit (like Synapse X) can do this as I’m aware.

2 Likes

i feel so bad for every on who literally has been robbed out of there ROBUX hope Roblox fixes this quick

3 Likes

My game also haven’t recieved any reports since then. I’ll still stay up to if something else happens.