Start punishing people for malicious resources

Hello guys! Personally, I’ve seen many malicious free models being posted in #resources:community-resources.

The people making those resources only got their topic deleted (as far as I know at least). In my opinion, there should be stricter punishments, because the goal of those people is to add a virus in a game so it doesn’t work properly.

The DevForum is supposed to be a professional place for developers to talk and help each other, and these types of topics make me think if this forum really is a professional environment. It’d be greatly appreciated to see stricter punishments.

Yea I agree, but there isn’t a rule in the broken rules matrix that punishes people for posting malicious free models.

I think this should be added.

yea i think they should do a check for studio and find the virus models

This is not possible for a popular and big forum like this one. It really isn’t a great idea. Since Post Approval is deprecated, there no longer is a way to check posts and then approve them. The only solution is just to punish people.

yea this is a problem a big one but i am sure they do best for fix it

I assume you’re talking about the most recent incident. If so, the OP of that didn’t get suspended because it was very likely that the exploiter group compromised their account to post malicious resources, and there was a lot of evidence pointing to that being the case. That group is known for compromising other accounts too.

Personally, I’ve seen other cases too. It’s not confirmed if that account was compromised. Even if he got compromised, it’s still weird not to see any rule about that issue. Even though the OP of that thread wasn’t a member of the publisher group, he was a white hat hacker and has joined several ethical hacking communities, so this thing will remain unanswered.

Those ethical hacker communities are actually fakes and owned by the exploiter group; it’s very likely that they used the account to join all of them after they got in.

Also, all of their posts before this happened were normal, and it’s very unlikely that an exploiter group would go through months of making their devforum profile not look suspicious when they know the moment they post anything bad they’ll be called out quickly.

I think these exploiters know that even if they get caught fast, a small amount of people may still be tricked, especially if they get the module before users start calling them out.

First, @TheSadFreind They can only give your game viruses, not your PC, the most advanced one can put someone in studio during a team create session but other than that no harm outside of Roblox unless you click on a link.

I do agree we need a rule matrix on DevForum. It should we okay to explore exploits as that can help you understand better and potentially make a solution to them but posting them isn’t okay.

@LexiDog5 many exploiters have like 70 alts (as i learned from my experiences with them). Their main tactic is just scaring people.

@everyone I wouldn’t be to worried about it, just look through the models. In explorer on the top, there is an option to sort stuff where you can then look up scripts in the game making it easier to spot exploits such as Fire Spread and require(123456).

This isn’t a solution though; we need to stop this stuff from being posted in the first place.

I agree, but until then this is a temporary solution, its up to people to spot this not the moderators. Don’t make them go to EVERY SINGLE MODEL and dig deep into it. That would take all the time that would normally be used to take down scams and bad posts.

Even though some users have gotten suspended from forum for posting malicious resources i think there needs to be an explicit rule prohibiting this. There are plenty of rules that could have fit under other rules (such as the new one that prohibits public minimodding) but they are made explicit anyways.

Saddens me to see innocent users getting their accounts compromised and attackers using innocent accounts for malicious purposes on the forum. I wish the real owners luck in getting their accounts back.

I full on support this suggestion. Iv’e seen this recent thread, and it disgusts me to use other players accounts to send malicious models into someones game. There should be more restrictions and rules for this, some type of new PA or if this does happen a full ban from the forum in the first place.