Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

Sign up now!

Potentially Hacked by RuneMate

Status
Not open for further replies.
Joined
Jun 11, 2015
Messages
81
After looking through login attempts and client sessions, I can confirm someone with the IP 122.***.***.69 accessed your RuneMate account on Wed, 20 Apr 2016 09:20:31 GMT. This IP has been associated with attempted logins on a large number of accounts and is suspected to be the hijacker. The hijacker is likely cross-referencing the leaked and cracked databases of other RuneScape sites, such as Sythe (publicly available), TriBot (availability unknown), and DreamBot (publicly available), and trying those combinations on RuneMate. In response to this we have forced a RuneMate password change, cleared all saved RS accounts, and have a lawyer drafting a letter to the hacker's ISP. This may seem like overkill for a couple hijacked accounts, but we here at RuneMate don't mess around with it comes to account security.

P.S. Thread moved back to Discussion and re-opened.

Hey Arbiter, when I got on RM earlier today I was promted to reset my password on the website and now I've opened the RM client again to do some more botting a few hours later and all my accounts were cleared from RM client.
Just wondering if this is a precausion for every RM account or was I targetted by the hijacker?
 
Joined
Feb 14, 2016
Messages
33
After looking through login attempts and client sessions, I can confirm someone with the IP 122.***.***.69 accessed your RuneMate account on Wed, 20 Apr 2016 09:20:31 GMT. This IP has been associated with attempted logins on a large number of accounts and is suspected to be the hijacker. The hijacker is likely cross-referencing the leaked and cracked databases of other RuneScape sites, such as Sythe (publicly available), TriBot (availability unknown), and DreamBot (publicly available), and trying those combinations on RuneMate. In response to this we have forced a RuneMate password change, cleared all saved RS accounts, and have a lawyer drafting a letter to the hacker's ISP. This may seem like overkill for a couple hijacked accounts, but we here at RuneMate don't mess around with it comes to account security.

P.S. Thread moved back to Discussion and re-opened.
Can confirm this is the IP used to hack my account, which I mentioned in another thread.
 
Mod Automation
Joined
Jul 26, 2013
Messages
3,046
I can't stress enough the importance of Two-Step Verification. It takes two seconds to set it up and will make hijacking virtually impossible.
 
Hey Arbiter, when I got on RM earlier today I was promted to reset my password on the website and now I've opened the RM client again to do some more botting a few hours later and all my accounts were cleared from RM client.
Just wondering if this is a precausion for every RM account or was I targetted by the hijacker?
This was a precaution implemented for everyone.
 
Author of MaxiBots
Joined
Dec 3, 2013
Messages
6,774
I can't stress enough the importance of Two-Step Verification. It takes two seconds to set it up and will make hijacking virtually impossible.
 

This was a precaution implemented for everyone.
Perhaps you should consider forcing tfa to prevent issues like this arising in the future. If users don't have a smart phone you can have the codes sent to email or via sms cant you?
 
Mod Automation
Joined
Jul 26, 2013
Messages
3,046
Perhaps you should consider forcing tfa to prevent issues like this arising in the future. If users don't have a smart phone you can have the codes sent to email or via sms cant you?
I would love to, but I don't think everyone is ready to embrace Two Step. There's no rational reason not to, but people are weird like that...
 
Client Developer
Joined
Oct 12, 2015
Messages
3,760
Consolidating the discussion into this thread to prevent misinformation being spread.
 
Mod Automation
Joined
Jul 26, 2013
Messages
3,046
E6KLzCD.png
 
Joined
Dec 17, 2014
Messages
351
After looking through login attempts and client sessions, I can confirm someone with the IP 122.***.***.69 accessed your RuneMate account on Wed, 20 Apr 2016 09:20:31 GMT. This IP has been associated with attempted logins on a large number of accounts and is suspected to be the hijacker. The hijacker is likely cross-referencing the leaked and cracked databases of other RuneScape sites, such as Sythe (publicly available), TriBot (availability unknown), and DreamBot (publicly available), and trying those combinations on RuneMate. In response to this we have forced a RuneMate password change, cleared all saved RS accounts, and have a lawyer drafting a letter to the hacker's ISP. This may seem like overkill for a couple hijacked accounts, but we here at RuneMate don't mess around with it comes to account security. I can't stress enough the importance of Two-Step Verification. It takes two seconds to set it up and will make hijacking virtually impossible. Additionally, those that were hijacked were only hijacked because they used the same/similar password on RuneMate as they did another site whose security standards are lower than ours. This is easily prevented by using unique passwords for each site, particularly ones that have value to you like your RuneMate account.

P.S. Thread moved back to Discussion and re-opened.
Thanks for your reply.

I'm sorry for calling you guys out for hacking me, for a second it really looked like the only solution. I have never been hacked before on anything and it did really scare me. I even re-installed my windows and changed all my passwords.
 
Joined
Jun 3, 2015
Messages
44
Yeah i also lost gold on all my accounts and they even deleted my all of my runescape accounts of runemate. I feel dumb but i'm also a bit pissed

Also enabled two step verifaction. Already did that for my main RS account but didn't do it for RM. Dumb dumb dumb
 
Last edited:
Joined
Feb 27, 2015
Messages
577
Yeah i also lost gold on all my accounts and they even deleted my all of my runescape accounts of runemate. I feel dumb but i'm also a bit pissed

Also enabled two step verifaction. Already did that for my main RS account but didn't do it for RM. Dumb dumb dumb

Actually @Arbiter or @Cloud cleared the accounts from runemate. they do this as a security precaution anytime something like this happens. Arbiter even said that somewhere in these 2 pages.
 
Status
Not open for further replies.
Top