Never thought i would say this

[Runeman69]

Looks like hackers really actually exist. Heres the story

 

 

 

 

 

 

 

Logged of the 6 hours ago to go to work. I've now just arrived home and about to go out for tea, thought id long on first cause i wanted to see how close i was to a slayer level. And im in the middle of fally i dont remember going there but im like hey must of telied myself there.

 

 

 

 

 

 

 

Went to bank and all my f2p stuff was gone and so was my drag legs and med i guess they hi alched them cause they left my drag scimy and long and all my members stuff but whats really weird is they also left my addy (g) and rune (t) took all 2mil my rune sets plenty of other stuff cause im done to one page makes me so mad im assuming my brothers download something thats caused this little brat.

 

 

 

 

 

 

 

and now im asking for advice on what i can do to scan my computer and such? i dont want any items just get rid of this dam virus keylogger or whatever cause im still doubting genuine hacking happened

[Spikestrip98]

Double post

[Spikestrip98]

All I could suggest is do a full system scan with Ad-Aware (http://www.lavasoft.com/), Scan with Spybot (http://www.download.com/3000-2144-10122137.html?part=104443&subj=dlpage&tag=button) and maybe go out and buy McAfee Antivirus software.

[lunchbox456]

Ouch...Tough luck man, that's why if you live with a family and they like to use your comp, make them a limited account(assuming you're running WinXP).

[specialized-p2]

that sux :( but hey he left u something :P scan ur comp first :? .

[Ycon]

Make an account for surfing and dont allow ANY administrative functions for that account.

 

 

 

Then buy/get all security and anti spyware progs u can find =)

[Mayjest]

Go out, buy a USBkey (also known as a datastick), even an iPod will do it, copy everything important accross (word documents, excel stuff, etc. Not stuff that can be redone, such as saved game files (unless you're real.ly attached to one). The format your hard drive. Reinstall xp or whatever OS you use, then put the important stuff back on from the datastick. Problem solved.

[Runeman69]

thanks guys i already had ad aware and i use ezfirewall and ezantivirus haha i know there cheap and free but hey i thought i was safe thanks guys and formatting isnt an option im in tafe doing accounting and need all my instal and myob files and such and couldnt be bothered backing up hopefully i can gvet back on my feet cause they didnt take some stuff i can sell oh well i guess this can be a turn around for me

 

 

 

 

 

 

 

p.s downloading spybot now

[zonda]

Ugg.... don't reformat, because that is too much work for most people to be bothered with when you really don't need to.

 

 

 

 

 

 

 

Read the stickies on the tech and computer board. There you will find links to housecall, which you should scan with, adawarre, spybot, zone alarm... which is a firewall that you should use.

 

 

 

 

 

 

 

Then post a hi jack this log here after scanning with all the above listed programs in safemode. If you don't know how to enter safe mode search for it, it has been posted many times before.

[Dark_Tigra]

Let me ask you this: Is your forum password the same as your game password?

 

 

 

 

 

 

 

I've been told (by people who aren't paranoid [developmentally delayed]s) that the actually "hackings" as of late were not due to an IE jpg security flaw, but by someone cracking different forum's password databases, then using forum pw's to log into characters, assuming they were the same.

[qwissa]

Quit rs, it makes you feel better :)

[spooferfish]

:( I'm sorry to hear that. At least they left ya with somethings...

[Phil]

:( I'm sorry to hear that. At least they left ya with somethings...

 

 

 

They probably left him with some items so he could build up his money supplies again, then they will wait a few weeks/months and 'hack' him again.

 

 

 

This is why runeman should make his system safe before logging into rs again.

 

 

 

 

 

 

 

And Dark_Tigra, I think that gaining passwords from forums, especially this one is extremely difficult. But your right, don't use the same pass anywhere that is the same as your rs pass, just incase.

 

 

 

 

 

 

 

Also Zonda is right, there is no need to reformat your drive. Visit the tech board, do a few scans (housecall, adaware SE, spybot S+D, post a hijackthis log, get a firewall(zonealarm is a good free one.)) and you should be fine.

[Runeman69]

yeh so next day and ive decided ive got 3 months members left make the most of it what is really strange is they left me with rune plate (t) addy legs (g) my drag scim and couple of things i can make money with

 

 

 

 

 

 

 

results of scans

 

 

 

Easy anti-virus found 4

 

 

 

ad aware found 30

 

 

 

spybot found 93

 

 

 

pc bug doctor found 152

 

 

 

and gonna do that house call thing now then chage pw and whats this hi jack log?

 

 

 

 

 

 

 

also no i use a mix of 3 poasswords 21 characters long so cant get from anywhere else

[Phil]

and whats this hi jack log?

 

 

 

http://www.majorgeeks.com/download3155.html

 

 

 

When you run it, post the log in a new topic on the tech and computer board or in this topic if you like. You will get help there with it. Don't change anything on it yourself though, because you could damage your computer.

[Dark_Tigra]

Phil, I'm aware it's hard, but there are kids out there that learn this stuff on hacking sites...There actually ARE kids playing that aren't as stupid as the rest who just use keyloggers, but they're very few and far between.

 

 

 

 

 

 

 

Anyways, I was told from someone who knows someone who knows the guy that "did it". He said he cracked into the password databases of this forums and many other ones, then just used trial and error with PW's. He said he gained like 4 billion gp from hacking very high level people with it, and he had a picture (which I saw) and it appeared to be real, however there's no way to tell if it was Hexed or not.

 

 

 

 

 

 

 

Anyways, sorry to hear.

[Mercifull]

Phil, I'm aware it's hard, but there are kids out there that learn this stuff on hacking sites...There actually ARE kids playing that aren't as stupid as the rest who just use keyloggers, but they're very few and far between.

 

 

 

 

 

 

 

Anyways, I was told from someone who knows someone who knows the guy that "did it". He said he cracked into the password databases of this forums and many other ones, then just used trial and error with PW's. He said he gained like 4 billion gp from hacking very high level people with it, and he had a picture (which I saw) and it appeared to be real, however there's no way to tell if it was Hexed or not.

 

 

 

 

 

 

 

Anyways, sorry to hear.

 

 

 

 

 

 

 

Its rubbish, and i can quite safely say that hes bsing because i told rae how to fix the glitch which he claims to have used because an official patch was released on phpbb.com and before the exploit was posted all over the place. its highly unlikely that this person managed to take advantage of the bug but i guess there is a small chance. however the bug in question does NOT do what he said it does.

 

 

 

 

 

 

 

He could have used the header/cookie glitch to log in as any user. And then what? He cannot change the password of this account without knowing the original. Your password is not shown in plaiun text anywhere on your profile. So lets rule out that bug.

 

 

 

 

 

 

 

The only other possible exploit it could be is the one for phpbb 2.0.10 which was patched again the same morning that the exploit was released. This big enabled you, amongst other things, to display in plain text the sql database password. If you know ure commands you could also have downloaded a backup dump of this database. This is what the "hacker" claims to have done. However there is a slight flaw in hiw thinking because the passwords are NOT stored in plain text in the database. They use an encryption hash called MD5. It is a one way hash meaning that you cannot decrypt the encoding.

 

 

 

example.

 

 

 

Banana = e6f9c347672daae5a2557ae118f44a1e

 

 

 

banana = 72b302bf297a228a75730123efef7c41

 

 

 

BANANA = b252d1fe1c0c16d001027c2fce9b6529

 

 

 

all completely different.

 

 

 

the people were hacked thru a billy basic nooby script kiddies jpg keylogger. the guy has no skill whatso ever. go and convince some other ppl that you are a "1337 h4xx0r" because you aint fooling me.

[battletrax]

But merc... You forgot that he hacked into the cia and used their supercomputers to brute force the encryption. That's the rest of the story... :lol:

[Mercifull]

But merc... You forgot that he hacked into the cia and used their supercomputers to brute force the encryption. That's the rest of the story... :lol:

 

 

 

 

 

 

 

Ahh yes lol, tis the only possible way what he says is true ^_^

 

 

 

I love owning bsers :D

[grin_king]

Nuff now...