
2FA Account hacked 800mil gone

Quick find code: 408-409-61-66275403

Pete Meatza
Dec Member 2023 | Posts: 14 Bronze
800 mil of losses and ~100 days of my life in progress gone after I logged in the first time in a week from a trip. Account was locked for suspicious activity, then after recovering I find everything is gone and I'm standing in lumbridge.

2FA has been enabled on my account for the longest time. No email compromise is detected, all devices that have been used are my own, I only use runelite's official plugin. No linked accounts. I simply don't understand what happened... I feel like I played by the rules and followed everything short of a bank pin (thinking 2FA would be infallible) and now everything is gone...

any help, even answers or ideas to what happened would be appreciated... thank you

25-Feb-2023 18:13:37

Malua
May Member 2006 | Posts: 43,113 Sapphire
Hi there Pete Meatza
Is your Authenticator still active or has it been disabled?
If it is still active, the next thing to check would be the 'Linked Accounts' tab. You said there are no linked accounts - did you check Steam? You have to click on 'Manage Steam' to check for a linked Steam account.

If there really are no linked accounts and you have checked your email and found it has no unauthorised logins, the only other possibility is that you have been tricked into clicking on a dodgy link and have given permission for the hijacker to directly access your device and RuneScape account. The only way to check this is to go through your browser history.

The account being locked for suspicious activity means there has been more than one hijacker!
Accounts get locked at login so the hijacker that locked the account didn't get into it.
The hijacker before that got into your account then passed your access information on to someone else. :(

Please work through the instructions on the Security tips support page.
Don't skimp any as they each serve a purpose to help you keep your account secure.
Forum Community Helper

25-Feb-2023 22:08:50

Pete Meatza
Dec Member 2023 | Posts: 14 Bronze
Hi Malua,

The authenticator has not been disabled. I have 0 linked accounts (checked under both manage steam and amazon. Nothing)

Checking my email for logins to see if it has been breached, nada.

My account was already secured with the security tips steps; why was I a victim of this then? What happened? Is there any way to find answers? I feel like the ownership here is out of my hands and this has exhausted my desire to start over, if it just means in another 2 years I will lose it all again.

Would it be possible to silently disable the authenticator if they had my login info? Was there a QR code breach on Jagex's end for the authenticators?

If no one had my email login, I cannot fathom anything besides those two scenarios.

This is all happening just before a major security update to our accounts... I'm gutted. I hope you understand where I'm coming from. Thanks for any further help in advance.

27-Feb-2023 17:29:31

Mrs Ana
Posts: 9,010 Rune
Hey, Pete Meatza.

You said you use RuneLite. Where did you download RuneLite from? It may have been a fraudulent copy. To avoid this, Jagex added a direct link to the RuneLite website on their own Old School RuneScape (OSRS) site:
https://oldschool.runescape.com/
Please also remember that the usage of third-party software has always been and still is "use at your own risk". This implies that anything and everything that happens to your account while utilizing these programs is your complete responsibility and not that of Jagex. Additionally, it's paramount to mention that the creators of these third-party programs have access to your RuneScape account, i.e., its login username/email address and password. You may find out more about that here: Third Party Clients Update.

Did you check for dodgy/suspicious links, as Malua said above? Nowadays, it only takes a click on a link to automatically give access to hijackers. That's why she mentioned to check your browsing history for this possibility.

The Security tips Support article contains all the steps that one must follow to have the best security settings possible; however, neither Jagex nor anyone else for that matter is capable of controlling how you browse the Internet. This means that, even if you have all the security layers provided by Jagex, your registered email address provider, and even your playing device, it is still possible for hijackers to gain unauthorized access to your computer/mobile devices, registered email address and your RuneScape account if you don't employ a safe Internet browsing routine.

27-Feb-2023 17:52:50 - Last edited on 27-Feb-2023 19:14:15 by Mrs Ana

archerarchr
Oct Member 2020 | Posts: 13 Bronze
"Additionally, it's paramount to mention that the creators of these third-party programs have complete access to your RuneScape account."

They don't have access to a physical device that is needed to authenticate via 2fa, though.

"Nowadays, it only takes a click on a link to automatically give access to hijackers"

This is only true because Jagex's 2fa can be removed without backup codes or access to the actual authentication device, this is hardly the defense you think it is.

27-Feb-2023 18:20:47

Mrs Ana
Posts: 9,010 Rune
Quoting archerarchr: "They don't have access to a physical device that is needed to authenticate via 2fa, though."

I guess I shouldn't have employed the use of "complete". I meant to convey that the creators of this third-party software have access to the RuneScape login username/email address and password. With that being said, what stops them from trying to hijack someone's account given that people have put their trust into their clients? That's one of the reasons why it's always "use at your own risk". Furthermore, you have those people that make fraudulent copies solely to hijack others, and these actions prompted Jagex to add a direct link to RuneLite's official website on the OSRS main site.

Quoting archerarchr: "This is only true because Jagex's 2fa can be removed without backup codes or access to the actual authentication device, this is hardly the defense you think it is."

Well, in order to remove the Authenticator, you'd need access to the account's registered email address. That's why it's important to keep those registered email addresses secured, and GMail has proven to be the best out of those currently available.

I mean, when it comes to the Internet, nothing is ever 100% secured, now is it ;) ?

27-Feb-2023 19:13:04

Pete Meatza
Dec Member 2023 | Posts: 14 Bronze
Hi Mrs. Ana, I have been using the version of Runelite from the official OSRS page that you showed.

Gmail is what I use for my OSRS account. It wasn't compromised according to the multitude of tools available to monitor the email account itself, and it has MFA enabled so I'm not as concerned about access to the email.

Yet somehow, somebody still accessed the authenticator and (I'm assuming) bruteforced the password. MULTIPLE people, actually accessed it. How is this possible?

27-Feb-2023 19:23:36

Mrs Ana
Posts: 9,010 Rune
Quoting Pete Meatza: "Yet somehow, somebody still accessed the authenticator and (I'm assuming) bruteforced the password. MULTIPLE people, actually accessed it. How is this possible?"

If you have checked everything else, then the other possibility left is what Malua said above:

Quoting Malua: "If there really are no linked accounts and you have checked your email and found it has no unauthorised logins, the only other possibility is that you have been tricked into clicking on a dodgy link and have given permission for the hijacker to directly access your device and RuneScape account. The only way to check this is to go through your browser history."

27-Feb-2023 19:27:32

archerarchr
Oct Member 2020 | Posts: 13 Bronze
"what stops them from trying to hijack someone's account given that people have put their trust into their clients"

Two Factor Authentication, which I'm starting to think you might not fully understand the strength of when implemented properly. The only way a client could get past 2fa is if Pete typed his one-time-code and then decided not to login, and somebody actively monitoring this happening could get his keystrokes of that one-time-code and use it to access his account. The fact that multiple people accessed his account means this could not have happened.

"If you have checked everything else, then the other possibility left is what Malua said above:"

There is another possibility that I guess I'll be the one to say it: That there's somebody within Jagex that has a backdoor around Jagex's shoddy 2fa implementation. This is not unprecedented given the stuff that happened with Mod Jed a few years ago.

27-Feb-2023 19:35:40
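The post above argues that a one-time code is only useful to someone else if it is seen before the real owner redeems it. The standard server-side mitigation for the replay half of that scenario is to treat each TOTP time step as single-use (RFC 6238 section 5.2). The following is an added example written for this thread, not code from Jagex, RuneLite or anyone in the discussion; the secret and timestamps are constructed.

```python
import hashlib
import hmac
import struct
from base64 import b32decode

STEP = 30  # seconds per TOTP window (RFC 6238 default)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = (struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF) % (10 ** digits)
    return str(code).zfill(digits)


def totp(secret: bytes, at: int, step: int = STEP) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    return hotp(secret, at // step)


class TotpVerifier:
    """Server-side check that tolerates +/- one step of clock drift but never
    accepts the same time step twice: once a login has consumed a code, that
    code (and any older one) is dead even if someone else saw it being typed."""

    def __init__(self, secret: bytes, drift_steps: int = 1):
        self.secret = secret
        self.drift = drift_steps
        self.last_counter = -1  # highest time step already redeemed for this account

    def verify(self, code: str, now: int) -> bool:
        counter = now // STEP
        for c in range(counter - self.drift, counter + self.drift + 1):
            if c <= self.last_counter:
                continue  # replay of an already-used (or older) step: refuse it
            if hmac.compare_digest(hotp(self.secret, c), code):
                self.last_counter = c  # burn this step so the code cannot be reused
                return True
        return False


# Constructed demo secret (base32, as it would appear in an enrolment QR code); not a real account.
DEMO_SECRET = b32decode("JBSWY3DPEHPK3PXP")
```

The verifier stores one integer per account (the last redeemed step), which is all that is needed to reject a code observed but replayed after the legitimate login used it.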
