Suspicious module

Hello, right now I’m working as a scripter for a cafe project. We are a team, but I didn’t get to know every member, so I don’t know who they really are.
Recently I found a script inside ServerScriptService called “Handler”. I was curious to see what it actually did. There was only one line, requiring an external module and running it.
A huge red flag popped up in my head, this is usually how people install backdoors in your game.
I found the source code of the module ( and after checking it… I’m confused. If anyone could kindly explain me what this module is doing I would greatly appreciate it.



I saw this earlier today also and was confused as to what it was

It’s definitely malicious whatever it is. Nobody obfuscates their code like that


Also I found a script called “Hook”. It’s a chat logger that sends every message said in any server to an unknown discord server. We do have a discord server, but I don’t know how to check if its ours. I reported it to the owner and disabled both scripts, I’ll wait for a response. Clearly something isn’t right.

These are modules that are normally inserted by malicious plugins that are designed to give the creator of the module access to your games server code and/or give the creator admin powers. The weird code is designed to make it harder to find and remove or protect against. I’d recommend everyone in your team checks their plugins, as I have frequently found malicious plugins designed to imitate legitimate ones by duplicating them and publishing them on an account with a name similar to the original creator.


Due to the fact that the creator of the module is a account with no clothes and was made only 2 months ago makes me suspicious. I belive madattak is correct here.

Really this is something that you can send over to Discord Trust and Safety, so long as you have the ID supplied for the webhook. Logging chats like this is a good way to get on Discord’s bad side. In your F9 Developer Console, find the Network tab. You can see what your game server is sending Http requests to.

1 Like