Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

Sign up now!

Question Hacked

Status
Not open for further replies.
RuneMate Staff
Joined
Oct 2, 2015
Messages
3,216
Well......It wasn't Runemate.

How do you know your computer was clean? Does someone else have old information on the account? Did they recover it back from you?
 
Joined
Jan 4, 2015
Messages
39
Nah, it definitely wasnt this app that got you hacked. Been using it a little over a year and ive never gotten hacked.
 
Joined
Dec 18, 2014
Messages
160
Nobody recovered the account, i would've gotten any email about that. My EMail is through gmail, and I have 2 step verification so if they wanted to get into it, they'd have to have my cell phone as well. I use AVG and Malwarebytes to keep my computer clean, and I haven't downloaded anything "suspicious" for a long time.
 
Joined
Apr 13, 2016
Messages
100
Same thing happened to me not long ago. Hadn't played in a long time, started botting and then lost 15-20m. I was pretty annoyed at first, but then I realized that regardless of how my account may have been compromised, it was my own fault for not using the authenticator for my account. I don't think that anyone who would possibly have access to passwords stored by RM would hack accounts from the userbase. But even if someone did, it's on us for not using the security features provided.

Besides, RM earned me all my gold anyway! :D
 
Joined
Dec 18, 2014
Messages
160
There's gotta be something jagex can do. I've gotten a keylogger on my computer before (this was like 6 or 7 years ago) and they rolled back my account so I had all my stuff back
 
Mod Automation
Joined
Jul 26, 2013
Messages
3,044
Sigh... I've said this a million times before and I'll say it again. Anyone with two brain cells and a traffic sniffer like Wireshark can personally verify that your account info is encrypted client-side before being sent to the server. When you pull the account info from the server you receive the same encrypted data, which is then decrypted client-side for use. Now anyone with a little bit of reverse engineering experience and three brain cells can also verify that the encryption is overkill strong and uses information that would only be available to the user and is only ever stored in memory. Your account was likely stolen in one of the numerous ways accounts are stolen everyday including, but not limited to, a keylogger, phisher, or (the surprisingly most common option) a friend. When in doubt, Occam's razor.

tl;dr we couldn't access your account even if we wanted to and we don't want to.
 
12 year old normie
Joined
Jan 8, 2015
Messages
2,769
Sigh... I've said this a million times before and I'll say it again. Anyone with two brain cells and a traffic sniffer like Wireshark can personally verify that your account info is encrypted client-side before being sent to the server. When you pull the account info from the server you receive the same encrypted data, which is then decrypted client-side for use. Now anyone with a little bit of reverse engineering experience and three brain cells can also verify that the encryption is overkill strong and uses information that would only be available to the user and is only ever stored in memory. Your account was likely stolen in one of the numerous ways accounts are stolen everyday including, but not limited to, a keylogger, phisher, or (the surprisingly most common option) a friend. When in doubt, Occam's razor.

tl;dr we couldn't access your account even if we wanted to and we don't want to.

Even IF you wanted to, how is a single RuneScape account worth more than the entire web of trust RuneMate has created over the past years?

It's ridiculous that you might even think such a thing.
 
Joined
Mar 25, 2016
Messages
17
You probably got phished from those stupid private messages saying to visit this site and sign up for free gold or become a jagex mod lol.
 
Joined
Dec 10, 2014
Messages
3,255
Nobody recovered the account, i would've gotten any email about that. My EMail is through gmail, and I have 2 step verification so if they wanted to get into it, they'd have to have my cell phone as well. I use AVG and Malwarebytes to keep my computer clean, and I haven't downloaded anything "suspicious" for a long time.
Smells like a dog mate to me. If they know you're using a botting program, or have used one before, they'd see that as an easy scapegoat.
 
Joined
Dec 18, 2014
Messages
160
You probably got phished from those stupid private messages saying to visit this site and sign up for free gold or become a jagex mod lol.


Nope definitely wasn't a phisher, I don't fall for that stupid shit lol. I usually report the website to their hoster just for shits n giggles.

I do think I found out what it was, and I'd like to apologize to Runemate. Seems like the ISP that the base i'm deployed to uses for their base-wifi is extremely fishy. Other people I've talked to have been getting emails ever since they arrived here saying that someone is trying to log into various accounts (Usually game accounts & Steam).
 
RuneMate Staff
Joined
Oct 2, 2015
Messages
3,216
Nope definitely wasn't a phisher, I don't fall for that stupid shit lol. I usually report the website to their hoster just for shits n giggles.

I do think I found out what it was, and I'd like to apologize to Runemate. Seems like the ISP that the base i'm deployed to uses for their base-wifi is extremely fishy. Other people I've talked to have been getting emails ever since they arrived here saying that someone is trying to log into various accounts (Usually game accounts & Steam).

Open Wifi + Packet sniffer = GG
 
Mod Automation
Joined
Jul 26, 2013
Messages
3,044
As always... it wasn't RuneMate. Glad you figured it out though and hopefully you can make it all back with RuneMate soon. :)
 
Status
Not open for further replies.
Top