rudes7 Posted May 30, 2012 Share Posted May 30, 2012 Don't cry like little babies over pixels and just change your rs password and stay clear of swiftkit till the issue is resolved... Link to comment Share on other sites More sharing options...
Stev Posted May 30, 2012 Share Posted May 30, 2012 I wouldn't use SwiftKit. All they'd really have to do is switch the URL it loads when you click, "Play RuneScape", to a phishing site and you wouldn't know any better. Wouldn't even need a keylogger. On a not-so-serious note... Great music. ;).http://www.youtube.com/watch?v=1TnONMzvZdQ Link to comment Share on other sites More sharing options...
Carl Posted May 30, 2012 Share Posted May 30, 2012 Looks like this happened a couple hours ago tops? / Today? Guess that makes it have no relation at all to me being hacked/recovered a few days ago then? (not sure which answer I want to hear, seeing as how they will likely still hold the same end result.) This only happened several hours ago, and SwiftKit does't contain any of your personal details. RIP Michaelangelopolous Link to comment Share on other sites More sharing options...
Jon Arcane Posted May 30, 2012 Share Posted May 30, 2012 Stopped using SwiftKit wayyyy back, and I am quite content with just the official runescape browser so no problems for me. But I do feel sorry for anyone who has been impacted and hope it is resolved quickly and thoroughly. Link to comment Share on other sites More sharing options...
Howlin0001 Posted May 30, 2012 Share Posted May 30, 2012 I use SK have done for years. all I care about is my screenshots!!! XDI've used Howies Quick Screen Grab for years http://www.howiesfunware.com/loadSideBarMiscSoftware.htmlI've used gadwin printscreen since I've joined the Crew (a month shy of 4 years), it's easy very easy to use. http://www.gadwin.com/printscreen/ Link to comment Share on other sites More sharing options...
Jeffery Posted May 30, 2012 Share Posted May 30, 2012 I use SK have done for years. all I care about is my screenshots!!! XDI've used Howies Quick Screen Grab for years http://www.howiesfunware.com/loadSideBarMiscSoftware.htmlI've used gadwin printscreen since I've joined the Crew (a month shy of 4 years), it's easy very easy to use. http://www.gadwin.com/printscreen/ I've got Gadwin printscreen for when I do FF scapin' just if I were to uninstall SK all my screen shots i got from it would be deleted (It's bad to say my screenshot file consists of 15,000 over the past 6 years) lol 180th to 99 Divination + 1st W36er Rambo, cannot pk call your friends bro :). Wait nevermind none of SAPK/PKS can. Kappa. Link to comment Share on other sites More sharing options...
Thus Posted May 30, 2012 Share Posted May 30, 2012 I'm laughing at everyone that still uses Swiftkit in 2012. Seriously, it stopped being useful when the world switching feature was taken out of swiftswitch years ago. Use the client/firefox/whatever and mirc and you wouldn't be in this mess. And there are plenty of ways to take screenshots. Link to comment Share on other sites More sharing options...
Arceus Posted May 30, 2012 Share Posted May 30, 2012 Am I supposed to feel old for still using the "PRTSC" button to take a print screen? "Fight for what you believe in, and believe in what you're fighting for." Can games be art? --- My blog here if you want to check out my Times articles and other writings! I always appreciate comments/feedback. Link to comment Share on other sites More sharing options...
Ammako Posted May 30, 2012 Share Posted May 30, 2012 Am I supposed to feel old for still using the "PRTSC" button to take a print screen?Yeah, I do that too. Link to comment Share on other sites More sharing options...
Carl Posted May 30, 2012 Share Posted May 30, 2012 An update on the Zybez post by Marius (funman), UpdateWe understand that after a while, a java drive by was introduced into the hijacked sites prompting users to run an unsigned java applet which would install malware on your system. If you received the prompt and accepted it, or would just like peace of mind, we recommend running your antivirus or using Microsoft Security Essentials which we found picked up this specific malware rather easily. We are still working on resolving all issues, but will keep this post updated with information as we have it available. Can that update and the original post on this thread by funman please be edited on the first post? RIP Michaelangelopolous Link to comment Share on other sites More sharing options...
Huge Noob Posted May 30, 2012 Share Posted May 30, 2012 I've never used Swiftkit. The official client and mIRC work fine for me, have for years. Sorry for anyone who still uses it but I'm sure it was bound to happen sooner or later with a 3rd party client... Link to comment Share on other sites More sharing options...
Stev Posted May 30, 2012 Share Posted May 30, 2012 An update on the Zybez post by Marius (funman), UpdateWe understand that after a while, a java drive by was introduced into the hijacked sites prompting users to run an unsigned java applet which would install malware on your system. If you received the prompt and accepted it, or would just like peace of mind, we recommend running your antivirus or using Microsoft Security Essentials which we found picked up this specific malware rather easily. We are still working on resolving all issues, but will keep this post updated with information as we have it available. Can that update and the original post on this thread by funman please be edited on the first post?Done. :). Link to comment Share on other sites More sharing options...
Affxtion Posted May 30, 2012 Share Posted May 30, 2012 There is a sticky thread on the RuneScape forums now for anyone who uses SK and is worried about the safety of their account. http://[use Quick Find Code]/c=1F0laTMrr8c/sl=0/[Please Use QuickFind Code]?25,26,125,63757878,goto,1Mod Mozza will be delighted to lock your account for the time being should you be worried. Link to comment Share on other sites More sharing options...
Abdulla Posted May 30, 2012 Share Posted May 30, 2012 I'm laughing at everyone that still uses Swiftkit in 2012. Seriously, it stopped being useful when the world switching feature was taken out of swiftswitch years ago. Use the client/firefox/whatever and mirc and you wouldn't be in this mess. And there are plenty of ways to take screenshots.It still has many useful functions, like very accessible highscore features, grand exchange price features, and it's own irc as well. Also very quick to take screenshots and upload them with Swiftkit as well, but I understand that there are many alternative for that now. Still a very useful application, and nothing wrong with using it. (22:28:44) <@Leik> LE INTORNUTZ SPEEK xDDDDDDDDDDDDDDDDDDD Link to comment Share on other sites More sharing options...
HunterDexter Posted May 30, 2012 Share Posted May 30, 2012 Hmmm, I opened SK before reading the disturbing news. And I can't quite remember if I accepted an update... I seriously don't know whether I should get on my account or not, as some on the RSOF say the malicious file can't be picked up by an antivirus. Link to comment Share on other sites More sharing options...
Albel Posted May 30, 2012 Share Posted May 30, 2012 Am I supposed to feel old for still using the "PRTSC" button to take a print screen?I have always done that. I hope the problem is resolved asap for people who use it though. [hide=Quotes]Albel/JustinAlbel doesn't say anything anymore, just comes in, leaves an arrow and vanishes into the night :(Probablypractising some euphoniumYou nearly had me fooled, you fooler youEuphonium/10.9/10. To me, always associate Albel with musical stuff in OT.Everyone with a goatee and glasses is Albel now.lmfao albel m8 wat r u doin, hi though. [/hide][hide=Runescape Achievements]99 firemaking(2007), 99 woodcutting(2008), 99 fletching(2009), 99 magic(2010), 99 cooking(2010), 99 farming(2011), 99 construction(2011), 99 runecrafting(2012), 99 Hunter (2014), 99 ranged (2015), 99 HP (2015), 99 Slayer (2015), 99 attack (2015) 99 Defense (2015) 99 Prayer (2015) 99 Summoning (2015) 99 Strength(2015) 99 Herblore (2015) 99 Dungeoneering (2017) 99 Mining (2017) 99 Crafting (2017) 99 Smithing (2017) 99 Thieving (2017) 99 invention (2017) 99 Fishing (2018), 99 Divination (2018), 99 Agility (2018), MAXED (05/17/2018)[/hide] Link to comment Share on other sites More sharing options...
The Observer Posted May 31, 2012 Share Posted May 31, 2012 Hi, We are aware of the issues (as can be seen by our post on Zybez), and are working to resolve it. SwiftKit it self is safe to use, as our update servers are in no way compromised, but the patch notes are fetched from the swiftkit.net domain and can thus be edited.The update you are referring to is a safe update, it's just the skdata file with the latest quests in it, unless the client issues a warning that it needs to restart it self after an update then the client it self has not been changed. We recommend you keep an eye on the forum post linked to for updates as we'll try to keep you all updated on the situation as it progresses. -Marius K swiftkit is not [bleep]ing safe to use. Ignore this imbecile above. I've had the passwords on all the accounts i've ever used on SK changed, so shut up. One would presume from examining the above poster that he is a hacked account that had his tif password the same as his rs acc one That user happens to be SwiftKit senior staff. FYI, the domain was hijacked. So, it redirected swiftkit.net to a malicious website. When SwiftKit redirected to the start page on the Swiftkit.net domain, it most likely ran a Java driveby (if you accepted Java to run). The servers themselves weren't touched. If you believe that you received some form of a virus from it, then scan using your anti-virus programs. I know for sure Microsoft Security Essentials can detect and remove it. Hmmm, I opened SK before reading the disturbing news. And I can't quite remember if I accepted an update... I seriously don't know whether I should get on my account or not, as some on the RSOF say the malicious file can't be picked up by an antivirus. No, that is incorrect. The malicious file can be picked up with anti-viruses such as Microsoft Security Essentials quite easily. At this moment, they have control over the domain and it will be back to normal once DNS propagates in your region. ~ Kill Link to comment Share on other sites More sharing options...
HunterDexter Posted May 31, 2012 Share Posted May 31, 2012 Hmm, I did that first quickscan that MSE does when it is installed, and it found nothing, so it's safe?Also, is there any way to see if you accepted a change to your firewall? Can't seem to find that on BitDefender. :s Because I'm still unsure whether I had a Java pop up. Link to comment Share on other sites More sharing options...
Randox Posted May 31, 2012 Share Posted May 31, 2012 Am I supposed to feel old for still using the "PRTSC" button to take a print screen?Yeah, I do that too.Right there with you. The only time I have needed anything but the Prtsc button was when I recorded all the diologue in the Shadow Robe miniquest. I did the first few like that, cropping them into a collage, then I realised how long that would take, so I started up hypercam and used that instead, focusing it where the text would appear. So someplace, probably on my laptop, is a collage and a 90 second (maybe longer) movie that contain all the chat from the quest. To view it, I just set the playback speed of WMP really low, and then I can double click the play button to advance it by a frame. Hmm, I did that first quickscan that MSE does when it is installed, and it found nothing, so it's safe?Also, is there any way to see if you accepted a change to your firewall? Can't seem to find that on BitDefender. :s Because I'm still unsure whether I had a Java pop up. I think someone already pointed this out. If you had comprmised swift kit, the easiest way to take advantage of that would be to redirect it to a phising site mimic of the log in screen if you had one set up. This wouldn't cause anything to show up in a scan. And do a full scan with MSE whenever you want to really be sure. The quick scan completes very quickly by only scanning what are probably the more critical parts of your hard drive, and places where viruses are likely to show up, like your download folder. It's good for a routine check, but once a month, and whenever you suspect something might have gotten onto your computer, you should do a full scan. Link to comment Share on other sites More sharing options...
Kimberly Posted May 31, 2012 Share Posted May 31, 2012 like very accessible highscore features, grand exchange price features, and it's own irc as well. Any IRC server that has RuneScript has this as well, via a light client called mIRC. But some people have preferences and I respect that. I just typically play on cheaper/older computers that don't have the resources to spare on bulkier setups. RIP my multitasking abilities ; _ ; Link to comment Share on other sites More sharing options...
Zpoon Posted May 31, 2012 Share Posted May 31, 2012 Hey guys just thought I'd let you know we made a post explaining what happened and what's going on right now: http://forums.zybez.net/topic/1556987-swiftkit-website-issue-explained/ One down side to SwiftKit being as popular and successful as it is, means that it has a giant target on it's back. Today we unfortunately experienced the effect of that., which is a shame really as we only exist to offer a free helpful tool to players...It really is unfortunate. As always though, we aim to be as transparent about the situation as possible. At around 3am this morning it came to my attention that someone had gained access to the domain register's account that hosts SwiftKit.net. This allowed them to transfer the SwiftKit.net domain off our account and onto their own. Once they did this they were then able to change the webserver the domain points at, to their own malicious site. The problem was that it took around 5 hours for the domain to be rightfully returned back to us. So during this time the SwiftKit.net domain was pointing to a malicious website. We'll definitely be moving to a different domain registrar in the near future. How was the intruder able to gain access to our domain account? By using a fake ID, or identity document to convince the domain hosting company to reset the e-mail address to their own. Then all they had to do was perform a simple password reset. We're very concerned that this could even happen in the first place, and that it took so long to re-gain control. We'll be looking forward to getting as far away as possible from this domain host. So what does this mean for you as a user? Not too much, SwiftKit itself wasn't affected at all, just the domain. However If you were unfortunate enough to click accept or yes on any JAVA popups that came up I suggest do you a virus scan straight away and once clean change your password. You should never accept any JAVA requests from sources you don't trust. (It states the source in the popup) We have seen this specific malware can be detected and removed by Microsoft Security Essentials. If you believe you have loaded SwiftKit in this small window and accepted any rogue Java confirmations, then it would be a good idea to run a full system scan. SwiftKit itself has several layers of protection built into the updater to prevent anyone from being able to push out bogus updates. The only way you could be harmed is if you download or accept something yourself. As it stands we now have full control of our domains and have taken temporarily steps to prevent such a situation from occurring again. DNS changes have been successfully apllied to many users and they should now be directed to the right, normal site. If you still are redirected incorrectly, try clearing your browser's history and cache, and also by going to Start > search for "cmd", and type in "ipconfig /flushdns". This will ensure the right DNS address is obtained from the server. In the coming future we will be looking to implement some permanent changes to further prevent such an occurrence, abandoning our current and frustrating registrar is one of them. We understand our well-earned reputation has been tarnished by this horrible incident, and we understand many are wary using our products in the future. That trust is going to have to be earned back, and I know for some it will be difficult. I want to personally let everyone know the safety and security of all of our users are our #1 priority. The entire SwiftKit staff, including support from our users and Jagex moderators have hopefully showed everyone that we are serious about security. If you have any hesitations or questions please don't hesitate to ask. We're also going to be posting some specific ways of checking if you are indeed infected, and removal steps if you are. Gimmie a sec. Edit: Detection and removal instructions: 1. Open Start2. In search, type "regedit" and hit Enter3. Navigate to "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows" using the folder dropdowns.4. If there is a file or entry in the Windows folder called "Adobe Drivers", than you are infected and you require removal. If it doesn't exist, you are not infected. Removal: 1. Right-click the taskbar and select "Start task manager"2. In the Processes tab, end any process named "winsyl[Caution: Executable File]"3. In the Registry Editor window you still should have open, right-click the "Adobe Drivers" folder and select Delete4. Open Windows Explorer, enter in the URL %AppData%\Microsoft\Windows\5. Delete the folder "Drivers"6. As a safety measure, run a full system scan using a reputable anti-virus such as MSE. SwiftKit staff // http://swiftkit.net Link to comment Share on other sites More sharing options...
Kimberly Posted May 31, 2012 Share Posted May 31, 2012 Thrilled to hear, thanks for the update and handy instructions. :) Link to comment Share on other sites More sharing options...
Kaida23 Posted May 31, 2012 Share Posted May 31, 2012 I'm really surprised that they were able to gain control of the host domain that easily. Glad to hear you've got things back under control. :thumbup: Check out my blog to read the Adventures of a Big Damn (F2P) Hero. THE place for all free players to connect, hang out and talk about how awesome it is to be F2P. So, Kaida is the real version of every fictional science-badass? That explains a lot, actually... Link to comment Share on other sites More sharing options...
Uade Posted May 31, 2012 Share Posted May 31, 2012 This is why I don't use things like SK. I never trusted it. .-. RuneCrafting addict Divination addict Link to comment Share on other sites More sharing options...
Saradomin_Mage Posted May 31, 2012 Share Posted May 31, 2012 I'm really surprised that they were able to gain control of the host domain that easily. Glad to hear you've got things back under control. :thumbup:Reminded me of Jagex's account recovery system when I read it. In real life MMO you don't get 99 smithing by making endless bronze daggers. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now