forums.rs

Forums

I’ve somehow been Hacked???

Quick find code: 408-409-469-66275668

of 3
R A B B
Jun Member 2023

R A B B

Posts: 18 Bronze Posts by user Forum Profile RuneMetrics Profile
I have an Authenticator, and only use RuneScape Mobile. I took a small week or so break and I logged in to find all of my items gone. My Authenticator hasn’t been disabled. How did this happen?? I haven’t clicked on any suspicious links or anything…

Someone please help?? I don’t see how this could’ve happened.

02-Mar-2023 01:16:21

Malua
May Member 2006

Malua

Posts: 43,113 Sapphire Posts by user Forum Profile RuneMetrics Profile
Hi there
R A B B


Start by checking the 'Linked Accounts' tab in account management.
If you see any linked accounts in there, unlink them. Click on 'Manage Steam' to check for a linked Steam account.
If the only linked account in there is your own account, check the security of your linked account on its website as your third party account is insecure.

If you check and find no linked accounts at all, there only two possible other reasons:
1. the hijacker has direct access to your Authenticator code generator app e.g. your phone.
2. you have been tricked into clicking on a dodgy link and have given the hijacker permission to directly access your device. They have used this access to get into your RuneScape account.

A Linked Account is the most common reason for this type of hijack.
Review your email, device and account security by working through the points on the Security tips support page.
Forum Community Helper -
Information about Moderators and Community Helpers

02-Mar-2023 01:38:32

R A B B
Jun Member 2023

R A B B

Posts: 18 Bronze Posts by user Forum Profile RuneMetrics Profile
I only use Mobile, no one has had access to my phone and no one has logged into my email to access my Authenticator. I did not click on any sketchy links (I double checked my browser history) I never log in using a browser, I only use mobile.

There’s no way someone should’ve been able to access my account while the Authenticator is active. This has to be a serious oversight on Jagex part for this to even be possible.

02-Mar-2023 14:16:54

Mrs Ana

Mrs Ana

Posts: 9,010 Rune Posts by user Forum Profile RuneMetrics Profile
Hi, R A B B.

Did you check for linked accounts as Malua suggested above? If you want to see if they are any linked accounts that were not added by you, please follow the steps below and appropriately remove them if they are not recognized:

1. Go to the yellow/orange "
My Account
" or "Account" link at the top right corner of your computer screen:



2. Once there, head to "Linked Accounts" and click on it:



3. You will be presented with the image below. If you don't recognize any of the linked accounts, remove them.

4. Click on "Manage Steam". Since I don't have any linked accounts, it says "Link" for me, as represented above with Google, Apple and Facebook and by the image below for Steam and Amazon:

5. If you do recognize the linked account(s), ensure that they are completely secured by following the instructions on the Security tips Support page for Google's 2-Step Verification; Apple's two-factor authentication; or Steam Guard, as evidenced below:

02-Mar-2023 16:28:40

2_Tron

2_Tron

Posts: 23,025 Opal Posts by user Forum Profile RuneMetrics Profile
@R A B B, on mobile there's a difference ...

1) You stopped playing RuneScape Mobile, your Jagex Launcher keeping your account ready/prepared for the next round of gameplay. RuneScape Authenticator isn't required anymore as you not have fully logged out.



^ Anyone having a brief moment to take your phone in a unattended moment can access your account without needing your credentials nor your RuneScape Authenticator.


2) You stopped playing RuneScape, you fully logged out/Sign out and next time you wanna resume the next round of gameplay, you need your credentials as well as your RuneScape Authenticator to log in into RuneScape Mobile.



^ Nobody has access to your RuneScape account.

02-Mar-2023 19:32:55

R A B B
Jun Member 2023

R A B B

Posts: 18 Bronze Posts by user Forum Profile RuneMetrics Profile
I have no linked accounts other than my Amazon which I am aware of.
No one has accessed my phone, trust me. And if they did they wouldn’t have had it long enough to remove my bank pin and steal all my tradeable items.

02-Mar-2023 20:52:42

R A B B
Jun Member 2023

R A B B

Posts: 18 Bronze Posts by user Forum Profile RuneMetrics Profile
Thank you all for your help but none of these are applicable to me. I have no shady linked accounts, I haven’t clicked any links, my Authenticator is still active and somehow someone logged into my account and stole all my items.

I haven’t used my RS log in on anything other than to log in on mobile.

02-Mar-2023 20:55:48

Malua
May Member 2006

Malua

Posts: 43,113 Sapphire Posts by user Forum Profile RuneMetrics Profile
Original message details are unavailable.
Thank you all for your help but none of these are applicable to me. I am sorry but there are no other possibilities than the three mentioned above.

Your Authenticator has been breached. It hasn't been disabled, it is still active.
Your Bank PIN was removed? That could have been done without knowing it if the hijacker had long enough (3 days or 7 days, depending on what you have set).
The Bank PIN removal doesn't help provide a clue to how this hijack happened but the Authenticator still being active is a strong clue.

Either they used a linked account, they had physical access to your Auth (phone) or you clicked a dodgy link and gave them permission to access your device.
There are no other possibilities if your Auth is still active.

Getting physical access to your phone is the least common of these.
Linked accounts or clicking on dodgy links are the most common possibilities.

Do you have your Auth set to request a code at every login or every 30 days?
Having it set to 30 days makes the clicking a dodgy link theory more possible as it allows the hijacker up to 30 days to access your RuneScape account.
It doesn't matter what setting you have on your Auth if the hijacker used a linked account.
Forum Community Helper -
Information about Moderators and Community Helpers

02-Mar-2023 21:58:15

2_Tron

2_Tron

Posts: 23,025 Opal Posts by user Forum Profile RuneMetrics Profile
On mobile ...

- there's no 30 days option for RuneScape Authenticator, you give the code once and if you do not fully log/sign out your RuneScape Authenticator will not ask for a code anymore until you really do log/sign out

- RuneScape Autenticator is required for bank access, including metalbank and other important high risk game-parts (wilderness, teleports etc. etc.), always been asked to give a code, if you have set RuneScape Authenticator active

- bankpin, will remain active on your account, is dormit when RuneScape Authenticator is active but becomes active once again when RuneScape Authenticator is removed

The only thing this 'intruder/hacker/hijacker/thief' could have done is ripp your inventory clear and take all your armour/gaming gear so you have nothing left on your account/body.

03-Mar-2023 09:44:33

Quick find code: 408-409-469-66275668 Back to Top