forums.rs

Forums

Account hacked after a decade?

Quick find code: 408-409-801-66275148

MgK JukeBox

MgK JukeBox

Posts: 2 Bronze Posts by user Forum Profile RuneMetrics Profile
Hi,

I restarted playing osrs yesterday and got hacked in the hours that followed and clearly clueless on how this is possible.

My acc was created probably a decade ago, never done anything suspicious my email is not compromised, any virus on my PC and yet i can't really explain this hack. I was thinking about a mobile breach (i connected my account on osrs mobile) but cant really prove it comes from here.

I don't get why now and why on runescape specifically. I would like to understand how this was possible and resolve this security breach.

The faq about security and chatbot doesn't help at all. Is there a way to chat with a real person from Jagex ?

Thanks in advance for your answer

21-Feb-2023 18:17:46

Mrs Ana

Mrs Ana

Posts: 9,010 Rune Posts by user Forum Profile RuneMetrics Profile
Hi, MgK JukeBox.

Do you use third-party software to play RuneScape? Do you have any linked accounts? If you use third-party software to play RuneScape, please remember that A) the usage of these programs are
at your own risk
and B) the creators of these programs have complete access to your account while you log in using their services. You may read more on that here: Third Party Clients Update .

Furthermore, if you have linked accounts -- either because you set them up or because someone else (a hijacker) did -- these allow you or a hijacker to easily log in without having to enter the password and bypassing the Authenticator.

If you want to see if they are any linked accounts that were not added by you, please follow the steps below and appropriately remove them if they are not recognized:

1. Go to the yellow/orange "
My Account
" or "Account" link at the top right corner of your computer screen:



2. Once there, head to "Linked Accounts" and click on it:



3. You will be presented with the image below. If you don't recognize any of the linked accounts, remove them. If you do, ensure that they are completely secured by following the instructions on the Security tips Support page for Google's 2-Step Verification; Apple's two-factor authentication; or Steam Guard:

21-Feb-2023 19:55:09

MgK JukeBox

MgK JukeBox

Posts: 2 Bronze Posts by user Forum Profile RuneMetrics Profile
Hi Ana,

Thanks for your answer !

I used Runelite which as far as i know is one of the 3 authorized third party client right ?

Already checked, there was any linked account. Already check my email activity, 0 suspect activity during the period.

The hacker did activated the 2FA (was off). I disabled it and reactivated it.

21-Feb-2023 21:51:00

Mrs Ana

Mrs Ana

Posts: 9,010 Rune Posts by user Forum Profile RuneMetrics Profile
Original message details are unavailable.
I used Runelite which as far as i know is one of the 3 authorized third party client right ? Yes, it is; however, there are rules and regulations that must be adhered to in order to avoid a ban. Please read the Third Party Clients Update article for more information on that.
Original message details are unavailable.
The hacker did activated the 2FA (was off). I disabled it and reactivated it. Please ensure that your security settings are updated by following the tips, suggestions, and instructions found here: Security tips .

21-Feb-2023 21:54:22

Malua
May Member 2006

Malua

Posts: 43,113 Sapphire Posts by user Forum Profile RuneMetrics Profile
MgK JukeBox
, If your account was secure during its years of inactivity but then you returned and the account was breached within hours, it means it was something you did (clicked on) in those first few hours.

Did you go to other websites to get information to help you play? e.g. social media websites, RS fan sites.
If you did, did you see something that enticed you to "click here to sign up for/be given a freebie etc." ?
If you clicked on a link offering something for free, you clicked on a dodgy link and gave permission to a hijacker to directly access your device and RS account.
Hijackers typically set up Authenticator to delay the account owners from logging back in.

Please work through the points on the 'Security Tips' support page Mrs Ana linked for you.

If you examine your browser history between from those few hours, you might be able to find the malicious link you clicked.
Forum Community Helper -
Information about Moderators and Community Helpers

22-Feb-2023 01:56:22

Quick find code: 408-409-801-66275148 Back to Top