Scam Exploit ! (help on how to resolve?)

Try to detect the gui using a script and shut down the server or destroy it, this could be a solution

2 Likes

We havent had anymore reports since yesterday

Kicking players DOES work, Though it won’t show the kick message as the core guis crashed

1 Like

Theres quite a few replies and I’m not here to look at all of them haha, so I’ll just say what I think.

This is 100% a “virus” obtained from a free model or one of your developers (including you) have a malicious plugin that inserts this into every game they have access to develop in. Unless someone has a serverside backdoor in your game, this is not from a player, more a script.

This usually (in my case) redirects people to a Loading game where it would non-stop keep them in this game, I assume for Premium Payouts which they would get a hefty amount of robux from.

The best you can do is uninstall all unknown plugins from your account and ask your developers or anyone who has access to the game to do the same. Then spend about 2 hours just looking for unknown scripts, they usually nickname them something like RobloxCore or RobloxEngine, or Vaccine? I’m not sure on the backdoor trends these days lol.

If possible, start a fresh new baseplate and copy everything over that you 100% trust, and then try that, if that still does this, that means, you’ve got your hands on a convincing backdoor, just look through all them trying to see which one is doing this.

No client-sided exploit (like Synapse X) can do this as I’m aware.

2 Likes

I don’t know if this might help, but there was this thread on the same exploit that I saw earlier.

i feel so bad for every on who literally has been robbed out of there ROBUX hope Roblox fixes this quick

3 Likes

My game also haven’t recieved any reports since then. I’ll still stay up to if something else happens.

Hello everyone reading this including OP.

DISABLE Allow Third Party Teleports AND Allow Third Party Sales RIGHT NOW!!!

YES ALL OF YOU WHO ARE READING THIS! GO TO EDIT ALL OF YOUR GAMES AND TURN THESE OFF IN YOUR GAME SETTINGS!

EVERYONE OF YOU WHO READS THIS POST!

3 Likes

Here is a post in more detail to help you with removing this virus from your game. Malicious code is able to show UI over the purchase prompt, and trick users into purchasing items - #11 by AsynchronousMatrix

Which plugins have you enabled “Script Injection” permission?

i don’t think it is the datastore one,
it doesnt require any permissions so its impossible for a virus to get in your game

Doubt its a backdoor, but an exploit running within you’re scripts, do continue checking… Though it could be that it’s Hooking - Wikipedia, meaning the studio you’re using has been hooked with some kind of modifier, try copying and pasting scripts into a machine other than the publisher machine see if it works.

I looked for some plugins called “Datastore Editor” and there are many created by ufyfyugyu (not just 1, a lot) that contain some suspicious code, even that of QualityPlugins (edit: he spammed plugins too), and all of them have been updated 1 or 2 weeks ago … it doesn’t seem strange? they all have the same structure but some scripts change

ufyfyugyu plugins:
image
this is very suspicious…
the required code its all obfuscated and it contains a loadstring module too

QualityPlugins plugin:
image
all obfuscated

I don’t know if one of these could be the cause, but it is still very suspicious

sorry for the bad english

6 Likes

weird, my game we don’t have anything related to datastore and i got that pop up.

from what your also suggesting my concerns are rising

I had this issue before on my old laptop, now that im on my new laptop never had the problem since, if it is a what i’m suggesting then uninstall Roblox Studio and get fresh install, its a hustle but might work…

Funny that I see said shirt is made by ‘CMD-X’, it’s actually a very popular admin command exploit script. (As context, I asked an exploiter in crossroads about a week ago what script he was using and he said this one.)

In addition to what @SSSpencer413 said, there’s some string codes that let you do require in a different way. I had a similar problem, where a ‘RoSync Loader’ used something like this:

string.reverse("114/434 (more numbers here)")getfenv()(someidhere)
-- Can't remember exact format, lol

Read more here:

I dug in deeper into the script and found a self made script executor that for some reason has some polish writing, in fact, some scripts inside the model have a Polish swear. There’s a script that teleports you to chicken roleplay - Roblox, a script that prompts you to buy a place??? (XBJJXDZDWLDM83859s's Place - Roblox) and GUI that tells you how to enable HTTP requests though a Lightshot link. Funny that the person who made this didn’t even obfuscate all the other stuff.

1 Like

I’ve had this same problem in my cafe game, where it goes to a ‘fast loader’ game and teleports back. After 2 years, I’ve been unable to remove it so it just remains.

That is caused either by a bad plugin or a malicious free model from the toolbox. Check your models and plugins and see if they have scripts in them.

Also I’m pretty sure the game gui being overlayed on top of core gui is fixed now.
Edit: Yeah its fixed