In addition my plugin list and of my team is.
My Other developers.
2nd One.
Third one.
Yeah, it probably was but I checked @Srap_y plugins who said he also encountered the issue and he didn’t have it
We’d just like to find the code in scripts to make sure its gone but thanks to all of you for helping us out so far, appreciate it 
Maybe you could try following this guide, using method 2: How to inspect the source of plugins
Then you can inspect the source code of the plugin and see if/how they are inserting the exploit into your game, which would make it easier to track down
Ctr Shift F with various scripts didn’t appear to have returned anything. Which means it’s not embedded inside of the game but could be inside of nil or GC’d, Most likely going to be put down to a malicious plugin.
Go to each of these plugins and click the author. Look at their account. Check out recent uploads and whatnot. If it looks sketchy at all. Temporarily disable it.
If all goes south and its really not looking good. Create a 2nd Studioo-Game that you will have for not-built or released updates. And on this studio start adding your devs and manually seeing what each developer is doing. So as a developer joins, You can publish and test. Hence singling out the dev with the exploit.
After this go through his plugins. Cached scripts. Various self-plugins (Within the plugin folder. Some may not display but hide in the background.)
If you downloaded this cool tool called “BTR Roblox” you will be able to read the source code of that plugin online without any issues. Meaning you can inspect to see if its requiring or if anything is shady.
For example:
Odd, because a new topic was posted not too long ago which may be related to this one:
https://devforum.roblox.com/t/is-this-normal/1153311
Yup, some guy had the same problem. This is quite an issue.
https://devforum.roblox.com/t/is-this-normal
True, they both have a gray background, white text, and a blue button that has the word “continue” on it with rounded corners. It could possibly be related.
If you are absolutely sure that this is not a backdoor, you may want to contact @Exploit_Reports.
From the looks of it being widespread and that people buy the shirt without comfirmation, this looks like a Roblox bug.
Is this thing that is popping up in games instantly buying something? Does it pop up with the purchase thing?
I found out what happened if you press continue:
It is happening in many games, so it is a widespread issue. I also got that picture from the comment section of the item it is making everyone buy.
We’re not sure, it could just be a backdoor. It is very late though for me so I will have continue looking through the code tommorow, we have disabled third party purchases so hopefully people havent been getting it anymore.
I’m leaning towards this being an exploit rather than a backdoor as you said this is only occurring within some game servers and it would seem that quite a few people are having the same issue. Though, it’s still possible this could be the result of a malicious plugin, but I haven’t seen plugin lists from other users to confirm similar plugins amongst afflicted developers.
Here’s an update based on the information I was provided:
Someone, somehow, managed to edit the Roblox CoreScripts. So yes, this means that almost every game is going to encounter this issue. Countless amounts of people have been robbed of their Robux because of it. One individual in particular lost somewhere around 100k-500k Robux.
So no, this isn’t your fault, it’s a widespread issue.
Not to be annoying but is this information from a credible source?
I’d think if it was this widespread there would be more news from top games to be honest.
Uh… who is this? I’m pretty sure the actual creator is sleitnick 
Yes that has been brought up already, we’re still looking through the code to find where it got down, but the plugin is already removed.
There are YouTube videos on this, but recently (and probably by no coincidence) an exploit managed to make people buy expensive items (made by the exploiter of course) just by clicking the “play” button. This took Robux from people without them even noticing. I’m going to assume that this is related to your (and many others’) problem.
(post withdrawn by author, will be automatically deleted in 1 hour unless flagged)
Roblox Admins are probably aware of this issue, this is a Roblox scripting backdoor, even with no free models, plugins, etc. This is obviously a group of hackers who know what they are doing, if Roblox Admins look at this I hope they resolve this quick as this issue can grow to big games like BrookHaven, Adopt Me, etc with easy people to target who do not know better.
I think this issue is weird but as someone who has no idea on scripting this is just my opinion on this issue.
