_YB_ Posted October 8, 2011 Share Posted October 8, 2011 (edited) Some hackers found out that there was someone registered with a @jagex.com email on the RuneHQ forums. They decrypted the password ( because all forums are using encryption methods to keep their passwords save). And found out that it was the same password as the runescape account Mod Kelvin. Few minuts after the discover it got wildly leaked and mass people logged in on it.This is the info that got mass leaked ( removed the password & IP): Mod Edit: Removed personal information. Gif image that I just took: what are your thoughts on it that even a j-mod uses the same password for forums and their ingame account. Edited October 8, 2011 by Kimberly Removed for Rule 1.7 - Volunteering Personal Information Link to comment Share on other sites More sharing options...
Earthman Posted October 8, 2011 Share Posted October 8, 2011 Until someone provides me with video proof of them playing on the account, I will call this one fake. Link to comment Share on other sites More sharing options...
Esper_Jones Posted October 8, 2011 Share Posted October 8, 2011 I could have sworn the actual mod accounts were restricted from being used anywhere but the Jagex offices, for this exact reason. Jack of all trades, master of thieving. 259th to 99 thieving. All stats 75+ Link to comment Share on other sites More sharing options...
_YB_ Posted October 8, 2011 Author Share Posted October 8, 2011 Until someone provides me with video proof of them playing on the account, I will call this one fake.If you logged in you got force logged out the reason that happened I think was because you can only log in from the office. Link to comment Share on other sites More sharing options...
ForsakenMage Posted October 8, 2011 Share Posted October 8, 2011 I could have sworn the actual mod accounts were restricted from being used anywhere but the Jagex offices, for this exact reason. That's what I thought too because of an incident many years before THIS. Adventurer's Log || YouTube || Facebook || Tip.it Times Work || Wanna Join the Editorial Panel?Maxed Out 01 October 2012 PDT Link to comment Share on other sites More sharing options...
L2Pullout Posted October 8, 2011 Share Posted October 8, 2011 Yeah im sure mod accounts are instant locked anywhere outside of Jagex HQ, or at least that's what Jagex says. Link to comment Share on other sites More sharing options...
_YB_ Posted October 8, 2011 Author Share Posted October 8, 2011 Yeah im sure mod accounts are instant locked anywhere outside of Jagex HQ, or at least that's what Jagex says.It took them 8 hours to lock the account. Link to comment Share on other sites More sharing options...
L2Pullout Posted October 8, 2011 Share Posted October 8, 2011 Yeah im sure mod accounts are instant locked anywhere outside of Jagex HQ, or at least that's what Jagex says.It took them 8 hours to lock the account.Soo then is there a video of the ensuing chaos? Link to comment Share on other sites More sharing options...
_YB_ Posted October 8, 2011 Author Share Posted October 8, 2011 Yeah im sure mod accounts are instant locked anywhere outside of Jagex HQ, or at least that's what Jagex says.It took them 8 hours to lock the account.Soo then is there a video of the ensuing chaos?Read my previous post you got instantly logged out when you tried to log in. Link to comment Share on other sites More sharing options...
Kaida23 Posted October 8, 2011 Share Posted October 8, 2011 Yeah im sure mod accounts are instant locked anywhere outside of Jagex HQ, or at least that's what Jagex says.It took them 8 hours to lock the account.Soo then is there a video of the ensuing chaos?Read my previous post you got instantly logged out when you tried to log in.But if people logged into it (and in 8 hours I'm sure someone did) then there must be a video of it somewhere. Check out my blog to read the Adventures of a Big Damn (F2P) Hero. THE place for all free players to connect, hang out and talk about how awesome it is to be F2P. So, Kaida is the real version of every fictional science-badass? That explains a lot, actually... Link to comment Share on other sites More sharing options...
Octarine Posted October 8, 2011 Share Posted October 8, 2011 Eh, so the JMOD was a bit foolish for using the same password at another place thats runescape related. But if their inbuilt security blocked anything from happening, whats the big problem? Blog of DG, Bossing (mostly Glacors) and stuff - Runetrack Play Safe! - Got useful information for the tip.it website? Post here! Link to comment Share on other sites More sharing options...
ForsakenMage Posted October 8, 2011 Share Posted October 8, 2011 Eh, so the JMOD was a bit foolish for using the same password at another place thats runescape related. But if their inbuilt security blocked anything from happening, whats the big problem?I think it's the fact that it appears some of their own don't take the same strict precautions of protecting their account, regardless of built-in security measures, as many of us have learned to do over the years and what Jagex themselves have recommended as well. And if it really did take that long for that account to get locked, then Jagex needs to reexamine the security of such accounts, even if it is just a case of stupidly using the same password in another location. Adventurer's Log || YouTube || Facebook || Tip.it Times Work || Wanna Join the Editorial Panel?Maxed Out 01 October 2012 PDT Link to comment Share on other sites More sharing options...
L2Pullout Posted October 8, 2011 Share Posted October 8, 2011 They have like 300 mods and we know a lot of Jagex mods aren't the brightest so it was bound to happen eventually. As far as I can tell this guy was head of community management, which explains why he was on a fan site. It also explains his lack of security because he probably doesn't know better. I wouldn't be surprised if he doesn't even play RS lol. Link to comment Share on other sites More sharing options...
Alg Posted October 8, 2011 Share Posted October 8, 2011 Eh, so the JMOD was a bit foolish for using the same password at another place thats runescape related. But if their inbuilt security blocked anything from happening, whats the big problem?This. That is assuming that this is real to begin with. There's a lot to suggest that it isn't. I painted some stuff and put it on tumblr Link to comment Share on other sites More sharing options...
999134 Posted October 8, 2011 Share Posted October 8, 2011 You can't log into a jagex acc anywhere aside from jagex hq You would see blue phats buying at 1gp ea from mass spawing if someone managed it (I know they cant directly trade but remember the rotten potato? Sure its possible to get by that restriction somehow if you could) edit: futher proof - just try entering mod kelvin into username/pass, obvious fake is obvious Check it out, huge amount of effort has gone into this massive mod![hide=old sig][/hide] Link to comment Share on other sites More sharing options...
RU_Insane Posted October 8, 2011 Share Posted October 8, 2011 (edited) [hide]Yeah im sure mod accounts are instant locked anywhere outside of Jagex HQ, or at least that's what Jagex says.It took them 8 hours to lock the account.Soo then is there a video of the ensuing chaos?[/hide]Read my previous post you got instantly logged out when you tried to log in.But if people logged into it (and in 8 hours I'm sure someone did) then there must be a video of it somewhere. This. You said it took them eight hours to lock the account, then you said you got logged out when you tried to log in. Which is it? And if it's the first case, there must be video or even photos,so where are those? Edited October 9, 2011 by ForsakenMage Shrinking the quote blocks RIP RU_Insane. August 3rd, 2005 - November 11th, 2012. My Stats on Old School RuneScape: Reform Customer SupportCheck Out My Threads Link to comment Share on other sites More sharing options...
Naraku893 Posted October 8, 2011 Share Posted October 8, 2011 The fault here is entirely on the jagex mod Link to comment Share on other sites More sharing options...
RU_Insane Posted October 8, 2011 Share Posted October 8, 2011 The fault here is entirely on the jagex mod Definitely. I know it's too late now, but it'd be interesting to see the consequences had the perpetrators been able to login to the account. Get some real [cabbage] started :P inb4rollback I did a Google search for "Mod Kelvin hacked" and the only result that came up was this one. I searched for "Jagex Mod hacked" and this thread came up, but the other results were junk. I'm calling shenanigans. RIP RU_Insane. August 3rd, 2005 - November 11th, 2012. My Stats on Old School RuneScape: Reform Customer SupportCheck Out My Threads Link to comment Share on other sites More sharing options...
_YB_ Posted October 8, 2011 Author Share Posted October 8, 2011 (edited) [hide]Yeah im sure mod accounts are instant locked anywhere outside of Jagex HQ, or at least that's what Jagex says.It took them 8 hours to lock the account.Soo then is there a video of the ensuing chaos?Read my previous post you got instantly logged out when you tried to log in.[/hide]But if people logged into it (and in 8 hours I'm sure someone did) then there must be a video of it somewhere. This. You said it took them eight hours to lock the account, then you said you got logged out when you tried to log in. Which is it? And if it's the first case, there must be video or even photos,so where are those?You couldn't even get in the lobby or get on the forums, when you tried to log in on the homepage it said Login Successful but then nothing happened. You couldn't do anything but its just about the fact that even their own mods make mistakes about their choice of passwords. The only thing that they changed now is that you get a locked account message when you try to log in (took them 8 hours to lock it). Mod Edit: Removed personal information. imagine if it was found out on the day of RuneFest and someone logged in on it.... (Jagex mods can log in there). Edited October 9, 2011 by ForsakenMage Removed for Rule 1.7 - Volunteering Personal Information Link to comment Share on other sites More sharing options...
Jesus_Status Posted October 8, 2011 Share Posted October 8, 2011 Incompetent JMod <--- Epitome of redundancy Link to comment Share on other sites More sharing options...
RU_Insane Posted October 8, 2011 Share Posted October 8, 2011 (edited) [hide]Yeah im sure mod accounts are instant locked anywhere outside of Jagex HQ, or at least that's what Jagex says.It took them 8 hours to lock the account.Soo then is there a video of the ensuing chaos?Read my previous post you got instantly logged out when you tried to log in.But if people logged into it (and in 8 hours I'm sure someone did) then there must be a video of it somewhere.[/hide] This. You said it took them eight hours to lock the account, then you said you got logged out when you tried to log in. Which is it? And if it's the first case, there must be video or even photos,so where are those?You couldn't even get in the lobby or get on the forums, when you tried to log in on the homepage it said Login Successful but then nothing happened. You couldn't do anything but its just about the fact that even their own mods make mistakes about their choice of passwords. The only thing that they changed now is that you get a locked account message when you try to log in (took them 8 hours to lock it). Mod Edit: Removed personal information imagine if it was found out on the day of RuneFest and someone logged in on it.... (Jagex mods can log in there). I'd be hard-pressed to believe that Jagex didn't at least change the password, after what was technically a major security breach (even if due to mod failure). But okay, if that's what the password is, I'll try logging in. >.> I'll doubt it'll work though, just saying. :P Edited October 9, 2011 by ForsakenMage Shrinking the quote blocks RIP RU_Insane. August 3rd, 2005 - November 11th, 2012. My Stats on Old School RuneScape: Reform Customer SupportCheck Out My Threads Link to comment Share on other sites More sharing options...
Alg Posted October 8, 2011 Share Posted October 8, 2011 You couldn't even get in the lobby or get on the forums, when you tried to log in on the homepage it said Login Successful but then nothing happened. You couldn't do anything but its just about the fact that even their own mods make mistakes about their choice of passwords. The only thing that they changed now is that you get a locked account message when you try to log in (took them 8 hours to lock it). Mod Edit: Removed personal information imagine if it was found out on the day of RuneFest and someone logged in on it.... (Jagex mods can log in there).Then what's the point? He used his work account password on a site, when it's impossible for anyone to use that account outside of his office? It's less a mistake and more confidence in the security system (Which worked). All the evidence we have that this even happened is your word and a low quality gif. If it took 8 hours to lock the account, we'd have heard about it hours ago. Somebody would have leaked it, especially since access to a jmod account is the average 'Scaper's wet dream. It's the kind of thing that Tip.Iters would instantly believe, since everyone here seems convinced that Jagex requires all employees to have a double digit IQ. Remember the "Dungeoneering can't be botted" thing? I painted some stuff and put it on tumblr Link to comment Share on other sites More sharing options...
RU_Insane Posted October 8, 2011 Share Posted October 8, 2011 To anyone who's interested, the password does in fact work, but like missingno said, the failure to breach past the point of lock-out is a sign of foresight in light of Jagex incompetence. I got the same result (locked-out) when I tried to log-in. So the account has technically been breached in that the correct password was retrieved, but no actual harm was done to it thanks to their security. As far as the "logging in and causing chaos" scenario though, that's [cabbage], don't worry about it. RIP RU_Insane. August 3rd, 2005 - November 11th, 2012. My Stats on Old School RuneScape: Reform Customer SupportCheck Out My Threads Link to comment Share on other sites More sharing options...
Sy_Accursed Posted October 8, 2011 Share Posted October 8, 2011 I find this all quite unlikely.1) We know jmods accounts can only be logged into from jagex HQ2) Theres no videos of it3) There NOTHING anywhere about runeHQ getting hacked, or locking down due to an attempted hack in response to the way this password was supposedly gotten. All there is, is this forum post with 1 gif animation that could easily be faked. Operation Gold Sparkles :: Chompy Kills :: Full Profound :: Champions :: Barbarian Notes :: Champions Tackle Box :: MA RewardsDragonkin Journals :: Ports Stories :: Elder Chronicles :: Boss Slayer :: Penance King :: Kal'gerion Titles :: Gold Statue Link to comment Share on other sites More sharing options...
_YB_ Posted October 8, 2011 Author Share Posted October 8, 2011 I find this all quite unlikely.1) We know jmods accounts can only be logged into from jagex HQ2) Theres no videos of it3) There NOTHING anywhere about runeHQ getting hacked, or locking down due to an attempted hack in response to the way this password was supposedly gotten. All there is, is this forum post with 1 gif animation that could easily be faked.Look at the post above you I even posted the password in this thread so you can look it up yourself. And about the RuneHQ DB it got leaked on many rule-breaking sites. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now