Navigation

Navigation section

Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

Sign up now!

Resolved Account Hijacked

icleaner

icleaner

Joined
Sep 2, 2016
Messages
6
I was last using AUXI bot to train attack at the barbarian security stronghold.
last night i logged out around 10pm Easter time.
This morning 2/15/2020 around 6:50am. i tried to log in.
runescape showed that the server was either busy or my account did not log out from its last section.
I visited runescape home page and came to find out, there was no maintenance or updates.
i tried to log in once more and i found my character on Lumbridge naked and my bank account with no valuables.
I had roughly 212mill in items and 24Mill cash from all my farms kill drops and skilling.

Only RUNEMATE asks for password
My account has no bank pin
Plus i scan my PC for viruses frequently.

I paid to be a supporter and paid for the bots as well.
Is my money not enough for you guys?

I want a Complete refund & my items returned. i will go find a better software with trusted developers.

This is ridiculous -_-
 
cuppajava

cuppajava

cuppa.drink(java);
Joined
Mar 13, 2018
Messages
7,091
iCleaner said:
How would i be sure my info is not saved on the system and you guys have access?
I scanned my PC once again and i cannot find any threats.
Click to expand...
Accounts are usually hijacked through phishing, not viruses. Have you clicked any links to anything RuneScape related in an email, and ad, or a Google search? Have you logged in to your account through anywhere other than runemate and the official client? (Including the website, a private server, another bot, etc)
 
icleaner

icleaner

Joined
Sep 2, 2016
Messages
6
CuppaJava said:
Accounts are usually hijacked through phishing, not viruses. Have you clicked any links to anything RuneScape related in an email, and ad, or a Google search? Have you logged in to your account through anywhere other than runemate and the official client? (Including the website, a private server, another bot, etc)
Click to expand...

I went back on my own list of visited websites just to make sure i did not click something, only once i found was the original RS site.
how can i scan my browser to see if i still have a key-logger active? or anything that can expose my info?

thinking back, I've used Runebot before a few years back and never had an issue. Excuse my ignorance, i was pissed
to see my account wiped with 0 items.
 
cuppajava

cuppajava

cuppa.drink(java);
Joined
Mar 13, 2018
Messages
7,091
iCleaner said:
I went back on my own list of visited websites just to make sure i did not click something, only once i found was the original RS site.
how can i scan my browser to see if i still have a key-logger active? or anything that can expose my info?

thinking back, I've used Runebot before a few years back and never had an issue. Excuse my ignorance, i was pissed
to see my account wiped with 0 items.
Click to expand...
I know this sounds like a dumb question, but you're 100% sure it was the official RuneScape site right? runescape.com, not runescape-secure-fishylink-fake.com/login or somethin
 
icleaner

icleaner

Joined
Sep 2, 2016
Messages
6
CuppaJava said:
I know this sounds like a dumb question, but you're 100% sure it was the official RuneScape site right? runescape.com, not runescape-secure-fishylink-fake.com/login or somethin
Click to expand...

I always type Runescape.com nothing else.
 
We detected something unusual about a recent sign-in to the Microsoft account mt*****@outlook.com.

Sign-in details

Country/region: Australia

IP address: 45.76.123.95

Date: 2/15/2020 6:39 PM (GMT)

Platform: Windows

Browser: Chrome

Please go to your recent activity page to let us know whether or not this was you. If this wasn't you, we'll help you secure your account. If this was you, we'll trust similar activity in the future.


who ever this is, hijacked the account and now i have 0 access to it.
 
savior

savior

Java Warlord
Joined
Nov 17, 2014
Messages
4,906
feel free to debug any sorts of connections going from the client to the runemate server. you'll find that the only time it's transferring your accounts login information (IF you enter them into the client) are encrypted. they're encrypted with your runemate login credentials (maybe amongst other things, idk). Technically arbiter could use the rm credentials you're sending to the server by logging into the client to decrypt your players credentials.

Let's ignore that this is already extremely unlikely, but okay, it is a minor security flaw.

Now arbiter has hundreds of thousands of player account credentials. What's he gonna do then, just pick random ones? or go after a specific runemate user? there isn't even a guarantee those credentials are valid.

Runemate sends very few information such as gp in inventory, any rings of duelings equipped, or a part of your quest list, in order to build navigation paths using runemate's web. this data isnt even mapped to a distinct player you've added to your client, just to your runemate user.

Lets assume he'd go by the accounts with the most wealth currently in the inventory by using the data of a completely different service (it's getting more and more ridiculous as you can see). Now if arbiter logged into these accounts, you would see a lot of users complaining about locked accounts due to suspicious account use, namely differences in IPs, jagex does that pretty easily.

Now i've seen some ban reports, and i've seen some "hacked" reports, but i've never seen a single "account locked" report on the forums.
 
Top