Scripting Helpers is winding down operations and is now read-only. More info→
Ad
Log in to vote
1

Has my game been hacked?

Asked by
Tommmmmey 13
4 years ago
Edited 4 years ago

Hi

Ok, this is weird. I launched my first game a couple of days ago. Yesterday all of a sudden a pop-up module (MarketplaceService.ProcessReceipt) asks if I want to buy a t-shirt for 90 Robux. I have not added this purchase to my game and I guess this is not the first time a hack like this is "added" to a game.

Since I cannot add images to this forum I add the link to my game: https://www.roblox.com/games/4555863465

Here you will see the "ransom" pop-up asking for you to buy a t-shirt. You can cancel the request but then it will pop up again.

It does not show on the test-server, only on published version on Roblox.

Anyone know how to deal with a hack like this?

Anyone know about a stable malicious script finder plugin?

EDIT:

Ok, found the issue. It was in a Coconut Palm Tree set that I had added to my map. Could not find any scripts in the model but removing it did the trick. As a newbie I never thought of people adding malicious scripts into public models. Such a naive newbie :/

1
It isn't a hack. You probably used a free model from the library that was infected and it inserted a script in your game. It might not even be a virus, it might just be a random model maker trying to sell t-shirts. Torren_Mr 334 — 4y
0
You are probably right. But how can I find malicious scripts? I've searched for MarketplaceService and find two in CorePackages, but I don't know if these are part of the system or malicious. Tommmmmey 13 — 4y
0
Go to any of the scripts,literally any. Then click crtl+shift+F. A dialog box opens. Then type 'MarketplaceService:PromptPurchase'. Then click search. Then look at the bottom of the screen. Go to the scripts which the script finder box shows "MarketplaceService:PromptPurchase" then remove that block of code. nkminion 21 — 4y
0
^^^ i guess i was too late lol Lunaify 66 — 4y

1 answer

Log in to vote
0
Answered by
Lunaify 66
4 years ago

Step 1. Ctrl+Shift+F Step 2 You should see a "Find in all Scripts" window // https://gyazo.com/0828783d815f45fa4f1555528a7b6c40

Step 3 Search MarketplaceService // https://gyazo.com/9514635566414a811c91423b65f54790

Step 4 Click "Find All"

Step 5 After clicking the "Find All" button, you should see another window appear // https://gyazo.com/345689bb963cea2fd8396a46dfa813cc

The rest is pretty self explanatory, check every result until you end up with the malicious script! (You check by clicking the result) // https://cdn.discordapp.com/attachments/653682939024113689/671009294786887720/unknown.png

Hope this helps :)

0
Thank you for your instructions! I actually did not find anything by searching, but had to do the elimination method and remove one by one added public model to find the glitch. But thank you for your effort! Tommmmmey 13 — 4y
Ad

Answer this question