[4nn0nym0us]

toady i turned on my computer and started runemate (after clicking yes, i trust this aplication, basically giving the app administrator access to my pc), instantly a windows defender antivirus notification popped out and said that a thread was found on my computer, when i see the source of it i got surprised, turns out that comes from runemate, i inmediately quarentine it and delete all runemate stuff that was left in my pc, the malware that was instaled and executed caught up by windows defender was:
Trojan:Script/Wacatac.H!ml
i want an explanation of this, if posible, because i might now be in danger of a posible malware attack where they steal all my information posible

 

[party]

toady i turned on my computer and started runemate (after clicking yes, i trust this aplication, basically giving the app administrator access to my pc), instantly a windows defender antivirus notification popped out and said that a thread was found on my computer, when i see the source of it i got surprised, turns out that comes from runemate, i inmediately quarentine it and delete all runemate stuff that was left in my pc, the malware that was instaled and executed caught up by windows defender was:
Trojan:Script/Wacatac.H!ml
i want an explanation of this, if posible, because i might now be in danger of a posible malware attack where they steal all my information posible

Someone reported this to me earlier today, I'm investigating.

 

[4nn0nym0us]

Someone reported this to me earlier today, I'm investigating.

idk it this helps you but here is the directory of the file where the thread was found, in runemate-game-api.jar: file: C:\Users\*\RuneMate\resources\runemate-game-api.jar

 

[proddedpure112]

i had the same issue ended up uninstalling

 

[arbiter]

The leading theory is that it is a false positive caused by a bad Windows Defender update for this particular detection type that went out this week. Other legitimate software, like CrystalDiskMark, is also being flagged and someone even got it to, allegedly, flag a couple of jpg pictures (!), ref: https://www.reddit.com/r/computerviruses/comments/x1af2y/comment/jdcmurl/.

Kindly report the false positive to Microsoft @ Submit a file for malware analysis - Microsoft Security Intelligence, so that they can get this fixed.

 

[exodus4tune]

toady i turned on my computer and started runemate (after clicking yes, i trust this aplication, basically giving the app administrator access to my pc), instantly a windows defender antivirus notification popped out and said that a thread was found on my computer, when i see the source of it i got surprised, turns out that comes from runemate, i inmediately quarentine it and delete all runemate stuff that was left in my pc, the malware that was instaled and executed caught up by windows defender was:
Trojan:Script/Wacatac.H!ml
i want an explanation of this, if posible, because i might now be in danger of a posible malware attack where they steal all my information posible

I've been using Runemate for almost 4 years, Never had any security issues.

Make sure your email and your OSRS account both have 2fa If they don't have it already.

 

[anon0610]

so, this says resolved. are we able to use the bot again or is it still going to deny use due to extension errors and Trojans?

 

[party]

so, this says resolved. are we able to use the bot again or is it still going to deny use due to extension errors and Trojans?

I had to add an exclusion to Windows Defender and then restart my PC to get it to work again, but we did release an update today which (hopefully) isn't flagged so it should work again with no intervention.

 

[anon0610]

I had to add an exclusion to Windows Defender and then restart my PC to get it to work again, but we did release an update today which (hopefully) isn't flagged so it should work again with no intervention.

awesome to hear!