Resolved Alt account was just hacked and RuneMate is the only suspect

Discussion in 'Client & Site Support' started by quietess, Jan 28, 2016.

Thread Status:
Not open for further replies.
  1. I want to apologize to the community, I discovered how my account was hijacked, and I'm truly sorry for pointing fingers at RuneMate, the method used was pretty hard to predict and is entirely my fault for not being more weary.

    The only thing I can offer at this time is advice: 2 step authentication is amazing, and using a password that's different from any other site is a great idea.

    How it was hijacked: I had lent the account to a friend to use for farming dwarf ogres two months ago when I had quit the game. When invention came around, the thousands of hand cannons he had farmed skyrocketed in price and he became a billionaire, (I wasn't around for this) he became extremely egotistical and eventually got kicked out of the clan/friend's chat/discord group for generally just being an asshole. His response was to do as many fucked up things as possible to people who resided in the clan, things including DDOSing members, leaking clan secrets, etc. One of those things was attempting to steal my account and take all the gold off of it. He tried to find the password for my main account by looking at bugabuse's forum dump, found a password that didn't work for my main, but worked for my alt account (since he knew the e-mail login). So he settled for my alt and stole the gold off of it. I discovered what happened when I joined the Discord group again today, and managed to put two and two together.

    I'm sorry.
    #1 quietess, Jan 28, 2016
    Last edited: Jan 30, 2016
    Cloud and Arbiter like this.
  2. I guess you should start looking for more options other than RuneMate, because I can tell you it wasn't RuneMate.
  3. I'd really like to believe it isn't so, but I've been looking everywhere and can't find any other explanation.
  4. I love topics like these... *pukes*

    Honestly mate, there's no point in even posting this thread. Think about it.

    If they stole your money (you would be the first one to have ever reported it), do you think they think it's worth hacking an account that has not even 40$ of items on it in relation to the trustworthiness of RuneMate? I doubt it.

    And secondly, if they didn't (the obvious answer), you're only damaging reputation with ungrounded accusations. Your post only raises doubt by people that isn't good for anything.

    I would like to tell you to think about your actions next time you're on the verge of posting something similar like this, because it isn't good for anything.
    Qosmiof2 likes this.
  5. this
  6. Maybe it's those "free" virus scanners?
    SlashnHax and Microsoft like this.
  7. There's no point? Really? Because I know it couldn't have been much else, I haven't downloaded anything that would have lead to this, and it definitely doesn't make sense that my main account is unaffected... especially when my alt account has a bank pin on it, which I have to provide to the bot. Maybe it's possible someone behind the scenes has gotten tired of the site and is performing a massive clean-up before storming off. Maybe it's possible one of the bots I've used may have included some unwanted feature. (These are the bots installed, by the way. The most recently installed ones are Mass Fighter and SkryptWineDrinker)

    I didn't get phished because that still wouldn't have given them my bank pin, I didn't get a RAT/keylogger because I haven't downloaded anything that isn't something really big and official (or even related to RuneScape for that matter), and my main account is also still unaffected which doesn't make sense, and I didn't get recovered because I was still able to log into the account, and there is no e-mail about anything RuneScape related.

    I don't claim to know how the bot works, whether the account details are stored on my own computer, or stored in RuneMate's servers. I don't claim that Arbiter is actually performing a grand heist with RuneMate. I claim that my account was hacked, and the only possible suspect is RuneMate.

    All I'm asking is for someone to look into this just in case this begins to happen to anyone else. I've gone ahead and put mobile authenticator on all of my accounts, I've also changed the passwords from separate computers, and I'm thinking about re-installing Windows because there isn't much to lose.

    I agree AVG FREE is pretty virus-y, but it's definitely not the type of thing to steal money off of your RuneScape account, especially when you download it post-theft.
    #7 quietess, Jan 28, 2016
    Last edited: Jan 28, 2016
  8. The fact of the matter is that your measly account isn't worth jeopardizing a business over, that and I'm relatively confident that the client stores login data locally much like every other client.
    You don't need to download anything big or official to get a keylogger, typically keyloggers will log the active window alongside your keystrokes so they have some context as to what the information can be used for.

    And I severely doubt someone is performing a large scale scam simply because you are the only person to have said anything. These kinds of claim are actually rather common on botting websites, typically the user is either trying to sabotage the reputation of a client or simply was compromised as they downloaded shady software.
    Bertrand likes this.
  9. Scriptwriters can not access account details. Every update we make to our bots and are personally reviewed by either Cloud or Arbiter. There's no chance any malicious code gets through.

    And I'm not sure how account details are saved, but I do know they're held online so they synchronise with all your device where you log in with your account. This means if anyone has access to your forum account, they can also get your passwords and pin details. (TWO STEP VERIFICATION IS IMPORTANT.)

    Honestly, I'm 99% sure that you are the reason you had your account hijacked, as there's simply no benefit from the developer/owner point of view to put the value of the name RuneMate on the line for barely 40$.
    Qosmiof2 likes this.
  10. Sorry but just piss off bro
    Enviga and Qosmiof2 like this.
  11. I did it. I ruined the trustworthiness of our business for your $20 worth in gold.
    Microsoft likes this.
  12. I don't think you can blame RM when you don't even have Authenticator enabled on your account. I've used these guys since RM was released, even before version 1.0 and I've never had any issues.
  13. It wasn't Runemate....... might wanna get your computer further inspected
  14. He probably followed the link to the "100mil giveaway" scam. The "forum" link they post is just a phishing version of RuneScape's website.
  15. Dude. Delete system32
    Krosden likes this.
  16. yep. blindly following phishing links are nothing your av would detect when searching for viruses on your computer
  17. Delete your mind (or the rest of it).
    --- Double Post Merged, Jan 28, 2016, Original Post Date: Jan 28, 2016 ---
    Everything you download you need to scan at VirusTotal.
    You think there isnt any trojan/keylogger on your computer, but sometimes, yeah, they're just hidin' and stealing your shit.
    Mimimi is real.
  18. Most hacks do not come from viruses of malicious software, think about anywhere you used the same email address and password, more likely though, think of any friends who know the account username.

    It's a lot like real hacking. Hackers in the movies and such always "crack a firewall" or some shit, but in real life hacking, it's just a fake email from a friend or the target using the same password for multiple accounts.

    Unfortunately, there is no way to 100% without a doubt say that the Admins of Runemate did not steal your gold for an easy 20 bucks. On the other hand, you should consider just who Arbiter is and consider how long he has been on the botting scene without incident and in the long run would that $20 be worth any tarnish to his reputation.

    Again, don't bother with the virus scan, you would be better off spending your time looking through your usernames and passwords of other websites on which you used the same username and password as the account that was hacked. Unless you are using IE, in which case, Chrome or Fire Fox up.
    Insomniac and creativeself like this.
  19. If you're looking for a reason- I'd read Exia's post. It is very accurate, most hacking these days are involve the least intrusive methods you could imagine. Simply talking to someone online or even real life could help reveal information surrounding your password.
  20. I think the posts above me sum it up pretty well, some more kindly than others. Just to make it official, RuneMate didn't and never has accessed users' accounts. The data received by the servers is heavily encrypted and we couldn't even if we wanted. Any novice reverse engineer could inspect the client and verify that fact. My longstanding reputation aside (likely begins when you were but a toddler), $20-40 is not an amount of any interest to the owners of RuneMate; we both have real-life careers that keep us satisfactorily compensated. It is not possible that a Bot Author snuck code in to collect your data, because account information is not exposed in the API and any attempt to capture it would be caught by our static code analyzer and/or the manual scan every line of code is subjected to.

    While I do not wish to speculate on the hundreds of ways your account could have been compromised, a few of the most common are through common credentials, sharing accounts, phishing, and malware. I occasionally provide IT services to friends and family, and in scenarios like this my first suggestion is to immediately stop all usage of the computer(s) in question and perform a full reformat. Once a breach is detected, it's simply not worth the risk of any further damage for the convenience of having your current installation of an operating system.

    @everyone: I would personally appreciate it if we all stayed nice to OP. He's obviously suffered a loss, and is understandably upset. It's common to respond emotionally and irrationally. The best thing we can do is keep our heads cool and explain logically.
Thread Status:
Not open for further replies.

Share This Page