Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

Sign up now!

Resolved Alt account was just hacked and RuneMate is the only suspect

Status
Not open for further replies.
I've been called a god before.
Joined
Aug 5, 2014
Messages
3,212
I think the posts above me sum it up pretty well, some more kindly than others. Just to make it official, RuneMate didn't and never has accessed users' accounts. The data received by the servers is heavily encrypted and we couldn't even if we wanted. Any novice reverse engineer could inspect the client and verify that fact. My longstanding reputation aside (likely begins when you were but a toddler), $20-40 is not an amount of any interest to the owners of RuneMate; we both have real-life careers that keep us satisfactorily compensated. It is not possible that a Bot Author snuck code in to collect your data, because account information is not exposed in the API and any attempt to capture it would be caught by our static code analyzer and/or the manual scan every line of code is subjected to.

While I do not wish to speculate on the hundreds of ways your account could have been compromised, a few of the most common are through common credentials, sharing accounts, phishing, and malware. I occasionally provide IT services to friends and family, and in scenarios like this my first suggestion is to immediately stop all usage of the computer(s) in question and perform a full reformat. Once a breach is detected, it's simply not worth the risk of any further damage for the convenience of having your current installation of an operating system.

@everyone: I would personally appreciate it if we all stayed nice to OP. He's obviously suffered a loss, and is understandably upset. It's common to respond emotionally and irrationally. The best thing we can do is keep our heads cool and explain logically.
I have said something similar... in a way... kinda xD
 
Joined
Nov 3, 2013
Messages
609
I think the posts above me sum it up pretty well, some more kindly than others. Just to make it official, RuneMate didn't and never has accessed users' accounts. The data received by the servers is heavily encrypted and we couldn't even if we wanted. Any novice reverse engineer could inspect the client and verify that fact. My longstanding reputation aside (likely begins when you were but a toddler), $20-40 is not an amount of any interest to the owners of RuneMate; we both have real-life careers that keep us satisfactorily compensated. It is not possible that a Bot Author snuck code in to collect your data, because account information is not exposed in the API and any attempt to capture it would be caught by our static code analyzer and/or the manual scan every line of code is subjected to.

While I do not wish to speculate on the hundreds of ways your account could have been compromised, a few of the most common are through common credentials, sharing accounts, phishing, and malware. I occasionally provide IT services to friends and family, and in scenarios like this my first suggestion is to immediately stop all usage of the computer(s) in question and perform a full reformat. Once a breach is detected, it's simply not worth the risk of any further damage for the convenience of having your current installation of an operating system.

@everyone: I would personally appreciate it if we all stayed nice to OP. He's obviously suffered a loss, and is understandably upset. It's common to respond emotionally and irrationally. The best thing we can do is keep our heads cool and explain logically.
It's a good thing he didn't catch the bitcoin miner embedded in the client.
 
Mod Automation
Joined
Jul 26, 2013
Messages
3,046
It's a good thing he didn't catch the bitcoin miner embedded in the client.
As much as I enjoy that extended troll, I think it'd be best not to confuse the OP. There's no bitcoin miner. :p
 
Joined
May 16, 2015
Messages
333
I can guarantee it was not runemate, I posted a thread a few weeks back, that unfortunately not many people had read, That websites that were powered by vBulletin had a security breech and your information could be stolen. It is likely that you had registered on a website that was using the vBulletin platform with the same credentials as runesacpe therefor leaving your account vulnerable. I recommend scanning your computer,changing all passwords and usernames (be sure to use a mix of uppercase, lowercase, number, and sumbols for a strong password) and enabling two step authentication on your runescape account.
 
I've been called a god before.
Joined
Aug 5, 2014
Messages
3,212
I want to apologize to the community, I discovered how my account was hijacked, and I'm truly sorry for pointing fingers at RuneMate, the method used was pretty hard to predict and is entirely my fault for not being more weary.

The only thing I can offer at this time is advice: 2 step authentication is amazing, and using a password that's different from any other site is a great idea.

How it was hijacked: I had lent the account to a friend to use for farming dwarf ogres two months ago when I had quit the game. When invention came around, the thousands of hand cannons he had farmed skyrocketed in price and he became a billionaire, (I wasn't around for this) he became extremely egotistical and eventually got kicked out of the clan/friend's chat/discord group for generally just being an asshole. His response was to do as many fucked up things as possible to people who resided in the clan, things including DDOSing members, leaking clan secrets, etc. One of those things was attempting to steal my account and take all the gold off of it. He tried to find the password for my main account by looking at bugabuse's forum dump, found a password that didn't work for my main, but worked for my alt account (since he knew the e-mail login). So he settled for my alt and stole the gold off of it. I discovered what happened when I joined the Discord group again today, and managed to put two and two together.

I'm sorry.
Very nice that you edited, apologized and found the real cause. And your friend? Beat the shit out of him. He has to be taught a lesson.
 
Joined
May 16, 2015
Messages
333
I've discovered how my account was hijacked, and I've edited the OP to explain how it happened, and to say that I'm sorry.
Thanks for the apology and posting it, on the other hand I'm sorry to hear your 'friend' hacked it, he's not a real friend...Push him into a cement mixer :)
 
12 year old normie
Joined
Jan 8, 2015
Messages
2,769
Suitable avatar to thread content ratio

>mfw

32050.jpg
 
Joined
Mar 4, 2015
Messages
78
Despite that fact that RuneMate is clearly not to blame, the way all of you reacted to this was so inconsiderate and honestly ridiculous; especially towards a newer member. He clearly stated he never followed any phishing links. Had he done so, he even stated it would be irrelevant due to the fact that a bank pin was present on his alternate account. He's also made it clear that the only place he provided a bank pin would be to the RuneMate client. I know he has now discovered that it was NOT in fact RuneMate at all, but the way that he was treated was so appalling. He even had to reply and say that he is not accusing anyone of anything, and is simply hoping that the matter be looked into, as quoted directly from one of his first posts. None of you had to come at him in such an aggressive manner, or condescending manner, or just straight up rude manner. Ridiculous.
 
Joined
Dec 10, 2014
Messages
3,255
Despite that fact that RuneMate is clearly not to blame, the way all of you reacted to this was so inconsiderate and honestly ridiculous; especially towards a newer member. He clearly stated he never followed any phishing links. Had he done so, he even stated it would be irrelevant due to the fact that a bank pin was present on his alternate account. He's also made it clear that the only place he provided a bank pin would be to the RuneMate client. I know he has now discovered that it was NOT in fact RuneMate at all, but the way that he was treated was so appalling. He even had to reply and say that he is not accusing anyone of anything, and is simply hoping that the matter be looked into, as quoted directly from one of his first posts. None of you had to come at him in such an aggressive manner, or condescending manner, or just straight up rude manner. Ridiculous.
I think the main issue was that he stated "RuneMate is the only suspect", when he's lent out the account in the past. Social engineering is much easier and prevalent than hacking these days. If he was to say "RuneMate is a suspect" then maybe the community wouldn't act so defensive.

I agree that some of the posts weren't constructive or even slightly helpful, but there was also a fair amount of good advice in the thread, and @Exia hit the nail on the head with his post. I wouldn't say that he was treated rudely overall, but just by a few select people/posts. He started the thread pointing fingers, it's only reasonable to expect some backlash.
 
Joined
Feb 27, 2015
Messages
577
Despite that fact that RuneMate is clearly not to blame, the way all of you reacted to this was so inconsiderate and honestly ridiculous; especially towards a newer member. He clearly stated he never followed any phishing links. Had he done so, he even stated it would be irrelevant due to the fact that a bank pin was present on his alternate account. He's also made it clear that the only place he provided a bank pin would be to the RuneMate client. I know he has now discovered that it was NOT in fact RuneMate at all, but the way that he was treated was so appalling. He even had to reply and say that he is not accusing anyone of anything, and is simply hoping that the matter be looked into, as quoted directly from one of his first posts. None of you had to come at him in such an aggressive manner, or condescending manner, or just straight up rude manner. Ridiculous.

most of the community here are dicks, you better get used to it.
 
Java Warlord
Joined
Nov 17, 2014
Messages
4,906
Not necessarily, IMO The community here is a lot less toxic that other communities, I quite like the RM community :)
Ja, agree. I have seen only one member who was toxic to the community, the rest of those dicks are new members who leave again after a week or so, which is good.
 
Joined
May 16, 2015
Messages
333
Ja, agree. I have seen only one member who was toxic to the community, the rest of those dicks are new members who leave again after a week or so, which is good.
Oh lord are you referring to who I think you are...? And from what I've seen Most of the members that have been here for a while are pretty chill
 
Joined
Jan 27, 2015
Messages
1,557
Ja, agree. I have seen only one member who was toxic to the community, the rest of those dicks are new members who leave again after a week or so, which is good.
Are you referring to yourself?
The+club+can+t+even+handle+us+right+now+_4d2067ff3bb996e0871a746f0c75ab49.jpg
 
Status
Not open for further replies.
Top