I was just hacked...this has never happened to me before

[Zoov]

Hello,

 

I am a nonmember. I do not play Runescape often except to do holiday events or go on nonmember streaks of play. For a long period of time I was a member, and I still reactivate every once in awhile; however, today I my views changed.

 

Yesterday I logged in to do the easter event, completed the quest, and logged out south of Falador.

 

Today I logged into the home page to vote in the boss poll, but I could not. I tried logging into the game to see if my account worked...It did not. I quickly reset the kit and changed it. Then I logged in.

 

I was in Lumbridge. I still had my clothing on (members stuff), but my inventory was full of pots and buckets and such. I ran to my bank to see if anything was askew. Well, I still have my whip and everything, but every nonmember item was cleaned out.

 

I lost 8 million cash, some sets of rune armor, and all my air runes, water runes, other runes etc. Also lobsters and every other nonmember item. And yes, 8 million cash is a lot to me. A fraction of my wealth, but still hard-earned and a huge amount to me. Total all of the stuff was maybe 10 million, but I am not really sure what I lost exactly. I mean...even my mime boots were taken out of the bank. It might have been a computer program hacking me.

 

I never went on any malicious sites, told anyone anything, or clicked any weird emails. I do not have a bank PIN; I sure do now.

 

I do not play super-often, so it is not detrimental, but it sure stinks. About seven years of playing only to be hacked right now. I am so safe. It just stinks. It really does. I know it happened within 24 hours from before. Can I do anything, or am I hosed?

 

Something needs to be done to protect players from hackers better.

 

I am a very safe player. I have never been banned. I consider myself very moral. I have never even been ****'d out.

 

I started my account seven years ago. You can see by my profile that I have high stats. To get hacked is never something I would imagine.

 

I am not saying Jagex completely at fault as I am extremeley disappointed with myself for letting this happen.

 

Please help!

 

P.S. - I know I may look silly with my Pokemon signature, but please take me seriously. This is extremely scary.

[Danqazmlp]

Do a full virus scan of your computer to make sure you don't have a keylogger. Then reset your password and recoveries. Set a bank pin and then keep an eye on your account for a few days if they try to do it again.

[GoldTatze]

Completely agree with the moderator above.

 

Also, Jagex has done everything in its power to prevent you from being hacked. Huge password character limit, bank pin, recovery questions, back up email...some of it is up to you.

[Hegelstad]

The same happened to me today, i found it really strange. I have always been focusing on keeping my account secure and i have said to other people that has been hacked that they should secure their account more. However i think i couldn't possible made my account more secure than it was. Yet is was "hacked"...

 

Funny thing is that the lock mechanism doesn't work. When i logged on it was locked, but the items i weared was still stolen, so I'm left with 28mil less wealth and not a single message of apology from jagex because their system is a failure. I want to be able to select which MAC/IP addresses i can connect from. That is the secureness.

 

Full support to the thread starter!

[Jimmyw3000]

Completely agree with the moderator above.

 

Also, Jagex has done everything in its power to prevent you from being hacked. Huge password character limit, bank pin, recovery questions, back up email...some of it is up to you.

double think the back-up email option

 

it'll help you recover your account back, but it makes it can make easier/harder for hackers etc. to hack your account.

 

if a lot of people know the email you registered with, then someone might be able to dig up enough information to recover ur acc.

[Hegelstad]

Completely agree with the moderator above.

 

Also, Jagex has done everything in its power to prevent you from being hacked. Huge password character limit, bank pin, recovery questions, back up email...some of it is up to you.

double think the back-up email option

 

it'll help you recover your account back, but it makes it can make easier/harder for hackers etc. to hack your account.

 

if a lot of people know the email you registered with, then someone might be able to dig up enough information to recover ur acc.

 

I don't think it was recovered, because i logged on the same day. I reckon recovers without credit card information takes more than 1 day.

 

I suspect a keylogger, because i am at the world's second largest computer gathering here, and somehow after i connected to the internet here, my antivirus were disabled (i found out after i was hacked). And my computer were filled with 13 trojans >.> But i don't know how people would be able to get my ip here and upload a keylogger to my computer (i think it was open because the firewall was down because of the virus). It really bothers me this thing... There should be a way to add optional security to your account to be honest. For example an account pin, not just a bank pin.

[Nomrombom]

Rarely if EVER is anyone legitimately hacked out of their control. You got something on the computer - a keylogger, a trojan, some kind of virus, or maybe you were phished. In any case, it is 0% Jagex's fault. They make a PIN available, up to 12 chars in a password, recoveries, email recovery, reporting system etc.

 

Don't even try to blame them. Run a good virus scanner and update your pass, email security, and recovery questions.

 

And you ask for "help." There's nothing that can be done further than the above. Items cannot be returned or refunded.

 

So you learn your lesson and that's that. It shouldn't happen again, now that you've had the experience.

[TheSpecialOne]

The same happened to me today, i found it really strange. I have always been focusing on keeping my account secure and i have said to other people that has been hacked that they should secure their account more. However i think i couldn't possible made my account more secure than it was. Yet is was "hacked"...

 

Funny thing is that the lock mechanism doesn't work. When i logged on it was locked, but the items i weared was still stolen, so I'm left with 28mil less wealth and not a single message of apology from jagex because their system is a failure. I want to be able to select which MAC/IP addresses i can connect from. That is the secureness.

 

Full support to the thread starter!

a good tip is to use the on screen keyboard for your password as i think keyloggers only pick up keys not what you click.

[Hegelstad]

Rarely if EVER is anyone legitimately hacked out of their control. You got something on the computer - a keylogger, a trojan, some kind of virus, or maybe you were phished. In any case, it is 0% Jagex's fault. They make a PIN available, up to 12 chars in a password, recoveries, email recovery, reporting system etc.

 

Don't even try to blame them. Run a good virus scanner and update your pass, email security, and recovery questions.

 

And you ask for "help." There's nothing that can be done further than the above. Items cannot be returned or refunded.

 

So you learn your lesson and that's that. It shouldn't happen again, now that you've had the experience.

 

I've had the experience before, but it happened again. Please don't say im unresponsible.

 

I suspect my virus scanner was silently disabled, and in one day virus were uploaded to my compromised computer, nothing under my control.

 

If Jagex decides to add other optional measures against hijacking that users that are especially worried about their accounts can use, we would have nobody but ourselves to blame. I'd like to be able to select which MAC addresses i can use to log into my account. So it is only possible to login to the game using my personal MAC address.

[Kimberly]

a good tip is to use the on screen keyboard for your password as i think keyloggers only pick up keys not what you click.

 

I have to disagree. While you're right in saying that a keylogger records key strokes, a keylogger AND screengrabber (used to record your screen on a click, or other triggers) can just as easily infect a computer and, if you've got a really good model, you might not even notice a dip in performance. The undisputed best thing to ever do if you feel your computer might be compromised is: stop what you're doing, disconnect from the internet, and do a full scan on your computer with a virus scanner/Malwarebytes with up-to-date definitions.

 

Your accounts, your personal information, all of these things are far too precious to risk because you might feel like you can 'outsmart' the bit of malware when you're not even sure of what you're dealing with...

[Nomrombom]

Rarely if EVER is anyone legitimately hacked out of their control. You got something on the computer - a keylogger, a trojan, some kind of virus, or maybe you were phished. In any case, it is 0% Jagex's fault. They make a PIN available, up to 12 chars in a password, recoveries, email recovery, reporting system etc.

 

Don't even try to blame them. Run a good virus scanner and update your pass, email security, and recovery questions.

 

And you ask for "help." There's nothing that can be done further than the above. Items cannot be returned or refunded.

 

So you learn your lesson and that's that. It shouldn't happen again, now that you've had the experience.

 

I've had the experience before, but it happened again. Please don't say im unresponsible.

 

I suspect my virus scanner was silently disabled, and in one day virus were uploaded to my compromised computer, nothing under my control.

 

If Jagex decides to add other optional measures against hijacking that users that are especially worried about their accounts can use, we would have nobody but ourselves to blame. I'd like to be able to select which MAC addresses i can use to log into my account. So it is only possible to login to the game using my personal MAC address.

 

Your case is one of the very rare where you may have actually been hacked out of your control. 99.99%, without exaggeration, of people in RS being "hacked" is either a virus they got from a site they went to or something they downloaded (and didn't have a good AV or two).

[TheSpecialOne]

a good tip is to use the on screen keyboard for your password as i think keyloggers only pick up keys not what you click.

 

I have to disagree. While you're right in saying that a keylogger records key strokes, a keylogger AND screengrabber (used to record your screen on a click, or other triggers) can just as easily infect a computer and, if you've got a really good model, you might not even notice a dip in performance. The undisputed best thing to ever do if you feel your computer might be compromised is: stop what you're doing, disconnect from the internet, and do a full scan on your computer with a virus scanner/Malwarebytes with up-to-date definitions.

 

Your accounts, your personal information, all of these things are far too precious to risk because you might feel like you can 'outsmart' the bit of malware when you're not even sure of what you're dealing with...

oh didnt realize my bad

[Hegelstad]

Rarely if EVER is anyone legitimately hacked out of their control. You got something on the computer - a keylogger, a trojan, some kind of virus, or maybe you were phished. In any case, it is 0% Jagex's fault. They make a PIN available, up to 12 chars in a password, recoveries, email recovery, reporting system etc.

 

Don't even try to blame them. Run a good virus scanner and update your pass, email security, and recovery questions.

 

And you ask for "help." There's nothing that can be done further than the above. Items cannot be returned or refunded.

 

So you learn your lesson and that's that. It shouldn't happen again, now that you've had the experience.

 

I've had the experience before, but it happened again. Please don't say im unresponsible.

 

I suspect my virus scanner was silently disabled, and in one day virus were uploaded to my compromised computer, nothing under my control.

 

If Jagex decides to add other optional measures against hijacking that users that are especially worried about their accounts can use, we would have nobody but ourselves to blame. I'd like to be able to select which MAC addresses i can use to log into my account. So it is only possible to login to the game using my personal MAC address.

 

Your case is one of the very rare where you may have actually been hacked out of your control. 99.99%, without exaggeration, of people in RS being "hacked" is either a virus they got from a site they went to or something they downloaded (and didn't have a good AV or two).

 

I felt this was out of my control, i run a 2000£ computer so i felt no decrease in performance, and my internet connection was 600MBs/600MBs (yes, i'm at a hardcore computer party). Without noticing or getting any notification my whole security center, windows defender, windows firewall and windows security essentials. I only noticed this when i saw that my account was locked because i tried to run a scan, but the antivirus or security service wouldn't start. I haven't been on any runescape thematic sites except of this for the last months.

 

I ran malwarebytes, and i found 13 suspicious files, and the day before i went to this party my AV was operational and showed 0 potentional risky files. Funny, but there might actually be hackers here, i saw some guys with Runefest sweaters in example... And its so funny how i've been like many others in this thread and telling other people that they should secure their account better, and then it suddenly happens to me. I had a very secure password of medium length with random combinations of uppercase letters and numbers. I had a random bank pin and homemade recovery questions.

[Nomrombom]

Yes, it wasn't your fault in that case. At that level of complicated hacking, you can't really stop a determined person. I'm just saying that in basically all other cases, people aren't actually "hacked" so much as tricked.

[GoldTatze]

Completely agree with the moderator above.

 

Also, Jagex has done everything in its power to prevent you from being hacked. Huge password character limit, bank pin, recovery questions, back up email...some of it is up to you.

double think the back-up email option

 

it'll help you recover your account back, but it makes it can make easier/harder for hackers etc. to hack your account.

 

if a lot of people know the email you registered with, then someone might be able to dig up enough information to recover ur acc.

Unless someone knows my full name (which most don't except close relatives), then they would have a tough time with my email, especially since it is on hidden/private. I see your point, but I'd rather have it there than not.

 

Also, most people aren't hacked out of the blue. Unless you are Zezima (inb4wownoobzezzyreference) or Bonbloc, etc..., most people wouldn't sit trying to type in your password. That means the only other way is because you went on a phishing site, downloaded something, or you are not telling us the full story. I have a sneaking suspicion that because he is F2P he may have been botting. I say this because tons of F2P bot considering they aren't wasting any money if they get banned/etc... Now of course this may not be the case, but who really wastes time legitly trying to hack an account with 10M...

[chrisman638]

You can't get hacked unless it's your fault. No one will ever guess your pass.

 

Just don't:

 

Give friends your password.

Have recovery questions with legit answers. (use numbers/letters as answers to make them unguessable and write them down on a post-it and put it in a safe place)

Go to untrusted runescape websites.

Use guessable passwords.

Put an e-mail address on your RS account.(any basic hacker can hack an email address)

 

 

If you do those 5 above there is no way to be hacked. Literaly no way to. I have been playing for years now and have never actually met someone who could honestly say they were hacked randomly. Every time at least 1 of the above items came into play.

[Hegelstad]

Okay, i just disconfirmed the above post, except the real mail thingy, but my mail havent been hacked... Yet it happened to me, and no im not a noob lying.

[BeNiceOk]

Without noticing or getting any notification my whole security center, windows defender, windows firewall and windows security essentials.

 

Just a note on these. Windows Security Center, Windows Defender, and Windows Firewall are about as basic of a security as you can get. I would not expect them to provide any "real" protection against viruses or experienced hackers going though your Ethernet/wireless.

 

I know you stated you have AV protection, but I would also recommend (if you don't have it already) a program with has a firewall built in with the Anti-virus program. Norton 360 or a similar product is much better about keeping security tight, as the firewall and AV are directly connected. If the firewall is kicked off, the AV will be flagged, while if you use a basic firewall like Windows Firewall, the AV not be aware of it if windows is "tricked" into thinking the firewall is still functioning properly.

 

Also, make sure you have a paid AV program. Free ones like malwarebytes(free version), AVG, ect.. are ok, but don't offer any "real-time" protection. They only find infections after the virus has been loaded and you do a manual scan.

 

It's a good idea to have 2 types of AV on your computer. A paid version and a less common free version that is not "real-time". But don't run both AV at the same time, or they can conflict with each-other and raise your risk for infection. It's a good idea to, once in awhile, run a scan on your normal AV, then disable your internet, disable your current AV, and run a scan on the less common free version, as some AV's can pick up viruses others don't. Just make sure not to run them both at the same time.

 

Some secondary "free" versions I would recommend are:

Malwarebytes

Superantispyware

Ad-Aware

 

But do not rely on only these for your protection. They are simply and added level of security on top of your paid AV program & Firewall.

[Nomrombom]

If you're careful with what you do online, you can get away with just using a few free AVs. Malwarebytes, Microsoft Security Essentials, and Spybot Search and Destroy would be a good setup. And if you want real(ish) time protection, AVG does prevent you from downloading most viruses and gives security reports on google pages (like if you see a suggestion on google with a link to relevant website, it has a little icon indicating how safe the website is).

 

But it is possible to be hacked, straight up. It takes some serious knowledge, but it can be done. You're never 100% safe if you use the internet.

[GoldTatze]

Actually, MSE (Microsoft Security Essentials) does give security reports of google.

 

Anyways, you most likely have a keylogger. Do you do any of the following on your computer?(some more obvious than the others):

 

a) Download suspicious programs

b) Open emails with unverified attachments

c) Go to sites with ".tk"

d) Go to sites with multiple numbers in a URL (ie: 567.8643[LikelyScam])

e) Go to untrusted Pornography sites. - Now this one gets people all rawled up for some reason. I don't actually know how old you are so this may not pertain to you at all, but cheaper versions of these websites are crawling with viruses (because it is a great target).

f) Click any advertisements claiming you won something/yadyada

g) Finally, have you ever ran a security check on your computer?

 

[EDIT] Tipit just proved my point with their typing filter. They blocked ".tk" in URL Form and replaced it with LikelyScam (which it is). Good! :shades: