For developers, plugins are often a useful tool to add in Roblox Studio for more complex features or assets in their games. These plugins can really improve a game experience. But what if those plugins were malicious and possibly even damaging to the players? Turns out, this is a common occurrence on Roblox.

Malicious Plugins

In a recent post by developer Turtlepla, the rise of harmful plugins was discussed. These plugins often imitate legitimate plugins by fraudulently using the names of popular developers. These scammers are even creating groups with the names of legitimate developers to fool people into thinking they have legitimacy.

This has become a rampant issue on Roblox, as one can see by viewing the plugin library. Most of the plugins on the front page of the library are fake. Sadly, this isn’t immediately obvious, especially not for those who do not know the signs of a malicious plugin.

Make sure to report any plugins you find to be malicious. The report form will look like the above image.

When visiting the plugin library, it is shocking to see that the first five plugins listed are all malicious in nature. It is obvious that this issue is widespread and that many games could be affected. Roblox has yet to offer solutions for protection against these. From an official standpoint, your best option currently is to utilize the Report feature.

The biggest way to tell that you should not use a plugin is to look at the description. We will use an example below to show you what to look for, but have redacted the names and will use examples instead of real names.

  1. One of the first things you can do when looking at a plugin is to check the likes and dislikes. The number of dislikes is not dramatic here, but the ratio is still 11:2, meaning that 18% of people who installed this plugin disliked it. Dislikes are not a deciding factor, but they may be the first sign that something is amiss.
  2. Check who created the plugin. There will be a name at the top that states who created the game. This person has even listed their Twitter URL in the description. From here, you could check their linked social media, but this is not always helpful.
  3. The key to number 2 is to compare it to number 3. In the Updated section, it claims that the plugin has been updated by a well-known developer. This might make others think that this developer helped on the project, which would give it some legitimacy. But when you click on the link that is attached to the developer name, it takes you to a group with two members. This is where you can assume the plugin is not legitimate. Even if this plugin does not necessarily have anything dangerous attached, there is no good reason a plugin creator would steal the name of a more popular developer.
  4. In the top right, you will see three dots. If you click on this, you’ll be given the option to report the game. If you see signs like those above and feel that the game may be a threat to use, take the time to report the plugin to help improve Roblox. This will help keep developers and players safe.

