#Exploiters injecting UI and abusing remotes only in public servers

I'm having an issue where exploiters seem to be affecting my game, but only in public servers.

What happens:

• A UI called "NFChat" gets cloned into all players' PlayerGui
• RemoteEvents appear to be created or abused
• Admin commands (Adonis) sometimes stop working or get interfered with

Important:

• This does NOT happen in Studio
• This does NOT happen in private servers
• Only happens in certain public servers

What I’ve checked:

• No obvious backdoors (no suspicious require() found)
• Issue does not persist across all servers

My suspicion:
I think this might be caused by unprotected RemoteEvents being abused by a client-side exploiter.

Questions:

• What are reliable ways to detect which player is triggering malicious remote activity?
• What validation patterns should I implement to secure remotes against this?
• Is it possible for exploiters to replicate UI to other players through remotes or other methods?

Any guidance or best practices would help a lot.

Ok so you still haven't explained ur issue

Also no context provided

They are injecting chat messages, using require scripts, and other stuff. It feels like they are basically hacking my game/map.

how would they do that brother, do you have a custom chat or smth

For example, here is a screenshot:

Yeah gtfo

No, I don’t have a custom chat. They are adding it themselves, and through that chat they can execute commands.

Ur trolling is so bad lol this has nothing to do with chat

I’m not trolling. I’m serious — something is injecting scripts into my game and I’m trying to understand how.

Look at the image — I don’t have Kohl’s Admin, and they are injecting this along with a chat.

Can you help me? @sick prawn

you probably have a remoteevent/function that makes it capable for them to execute code

Or you do have a backdoor

check every remote's parameters

Ok

Thanks

Bro

1.did you use any free models?
2.whats ur game about (this might help clarify where remote events are being used)
3.It could be a serverside script might not be a remote event

also it wouldnt happen in studio since they probs are using RunService:IsStudio() to hide

this is such a joke

yeah i did use a free model

my game is about “carretas da alegria” (those party trucks with music, lights, etc.)

so maybe it came from one of the free models

i’m thinking it could be a serverside script too, not just a remote

can you help me figure out where to look?

go to studio

go to search bar on explorer

do is:Script

and look all scripts

if you find one that you knows you dont need it

this is it

ok thanks

yo

are u here?

yes

** You are now Level 2! **

check dms

said the " dont even bother trying " guy

lmao kid came back

you either have a backdoor/lua virus you got from toolbox, or it's just standard cheaters

the fact they're inserting stuff into playergui is hilarious, that is so easily detected

someone really needs to show these skids how easy it is to block them

lol you're still salty im making an anticheat to block your skiddy exploits

to block exactly this kind of skiddy bulshit