Dear Jagex staff and mods.
My account recently got hacked and when I got my account back, my bank was stripped of its valuebles with a total worth of 3B+.
The big question of this all is, how did they bypass the 2FA security from OSRS?
Too bad I did not made a Jagex account yet, which I offcourse did after I got my account back.
But before we get into more details, here is a list of measurements I have taken to protect my account and my pc.
- I have 2FA on both my RS Account and my E-mail adress
- My RS password had more characters intentionally, since they dont allow symbols/special characters
- I have good security (active antivirus and anti malmware) on my pc, there is zero chance of any keyloggers.
- I did not link any other accounts (like steam) on my osrs RS account.
My e-mail is 100% NOT compromised, otherwise I would have known. I get notified on 2 different e-mail accounts when there is a new log-in.
To my big surprise they where able to hack into my account and somehow bypass the 2FA and yet I did not recieve any e-mails from Jagex about changing password/2FA (which is normal).
Another strange facts is, when I got my account back, it was linked to a steam account, clearly it was from the hackers, but then again.. How??
The only way I can imagine they would have been able to acces my account and bypass any 2FA, is by a false account recovery.
Therefor I am kindly asking account support to take a look into this matter and the way I got hacked, also asking for the retrieval off the stolen items from my osrs account.
Years and years of progress and grinding has been removed by a potentially false recovery!
Kindly awaiting your soonest reply and assistance.
Markjow
13-Jul-2023 23:00:33
