Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Buy OSRS Gold

boiiparanoia

Hacked while running exNMZ

Recommended Posts

I ran the exNMZ bot last night and all went well for about 3 hours until I had come back and seen my acc naked in lumby and my dharok, fury and b ring gone and my bank pin attempted to be removed. Whats up with that? not the first time it's happened either, I was hacked for about 50m when running USA's agility bot. Has this happened to anyone  else?

Share this post


Link to post
Share on other sites

Sorry that happened, but this is not related to TRiBot.

TRiBot scripts have no access to your username/password by design as a security feature.
And TRiBot lead developer TRiLeZ wouldn't risk his successful business over a few RS items.
TRiBot has thousands of active subscribers, yet only a small handful of 'hacked' threads are posted in a month, usually due to something besides TRiBot.

Common reasons of getting hacked:
- Malware on your computer
- Typing RS info into a phishing website
- Telling someone your password/sharing account

I recommend scanning your computer with multiple scanners, or even doing a full reformat.
Good luck recovering.
 

Share this post


Link to post
Share on other sites
38 minutes ago, boiiparanoia said:

I ran the exNMZ bot last night and all went well for about 3 hours until I had come back and seen my acc naked in lumby and my dharok, fury and b ring gone and my bank pin attempted to be removed. Whats up with that? not the first time it's happened either, I was hacked for about 50m when running USA's agility bot. Has this happened to anyone  else?

Its on you my friend YohoJo is completely correct

http://www.pcworld.com/article/243818/security/how-to-remove-malware-from-your-windows-pc.html follow these

22 minutes ago, YoHoJo said:

Sorry that happened, but this is not related to TRiBot.

TRiBot scripts have no access to your username/password by design as a security feature.
And TRiBot lead developer TRiLeZ wouldn't risk his successful business over a few RS items.
TRiBot has thousands of active subscribers, yet only a small handful of 'hacked' threads are posted in a month, usually due to something besides TRiBot.

Common reasons of getting hacked:
- Malware on your computer
- Typing RS info into a phishing website
- Telling someone your password/sharing account

I recommend scanning your computer with multiple scanners, or even doing a full reformat.
Good luck recovering.
 

 

Share this post


Link to post
Share on other sites
3 minutes ago, boiiparanoia said:

this has only ever happened while running a scrip via tribot though? I haven't entered my details into a phishing website, no one knows my password and my computer is clean :/

 

Are you using a password you have used on any other sites? That's a big issue. Check https://haveibeenpwned.com/

Share this post


Link to post
Share on other sites

Are you using a VPS?

How secure is the information of your account kept?  .txt file? .rar file?  Plain paper?

 


Edit: also phising sites.  If you saw a spam bot @ GE and went to their rs page {youtube link?) where it asked u to "login" BUT IT LOOKS LEGIT!? yeah. not runescape.

 

Hope you get your issue solved!  Be more careful with everything online.  There are many backdoors to pretty much anything on the interwebs.

Edited by Oh_My_goth

Share this post


Link to post
Share on other sites

This happened to me twice running the same script but hasn't happened since, i had no malware on my computer and hadn't logged into the account anywhere else including osbuddy, made the account on the official runescape site and only used it on tribot. Definitely something going on

Share this post


Link to post
Share on other sites
16 hours ago, methler said:

This happened to me twice running the same script but hasn't happened since, i had no malware on my computer and hadn't logged into the account anywhere else including osbuddy, made the account on the official runescape site and only used it on tribot. Definitely something going on

 

Your account wouldn't be the first one to be chosen. Trust us. You slipped up somewhere - and/or someone scammed you or your information. 

 

That's the straight up bottom line... We are all sorry. It's not from Tribot, please stop posting in this thread. lol 

 

The only reason a mod hasn't locked this yet is because they don't want your silly asses to think they're powertripping, or being shady... resulting in a new thread. But yeah man, sorry. Change your password, if your computer is clean - and stays clean - then great, it wont happen again. We promise.

Edited by Chaddyboy
Didn't know it was two people claiming Tribot hacked em... Had to change ass to asses to include new party.

Share this post


Link to post
Share on other sites
3 minutes ago, methler said:

After being hacked two more times I decided to activate authenticator on one of my bots running tau grand exchange, just got cleaned again wondering if this is maybe jagexs doing? Is there any other way that anyone could get through authenticator?

Runescape Authenticator is borderline useless when it can be disabled via email. I'm willing to be that your email's gotten compromised which leads to your accounts getting hacked, not a script.

Make a brand new email completely different from previous ones, use a completely different password, 2FA your email and attach your runescape account to it and 2FA your rs account also. - You'll never get hacked unless you're RAT'd.

Share this post


Link to post
Share on other sites

Brand new email and account created two days ago, both email and password are just random characters, no malware on my computer have ran virus scans from 3 different anti viruses and is a month old computer with nothing but osbuddy, tribot, steam games and chrome installed and the email linked to my authenticator requires phone verification on new computers

 This is either tribot or jagex, i see no other way, it's happened to a lot of my accounts, only this year and only the accounts I have botted on have been hacked, im not saying it's tribot but I'm wondering if this is jagexs doing because every time it happens im left with nothing of value in my bank at lumbridge with 3gp in my inventory as if I had died, i know i havent died because I have come back to the bot client at the "your account has not logged out from its last session" 

Share this post


Link to post
Share on other sites
22 minutes ago, methler said:

Brand new email and account created two days ago, both email and password are just random characters, no malware on my computer have ran virus scans from 3 different anti viruses and is a month old computer with nothing but osbuddy, tribot, steam games and chrome installed and the email linked to my authenticator requires phone verification on new computers

 This is either tribot or jagex, i see no other way, it's happened to a lot of my accounts, only this year and only the accounts I have botted on have been hacked, im not saying it's tribot but I'm wondering if this is jagexs doing because every time it happens im left with nothing of value in my bank at lumbridge with 3gp in my inventory as if I had died, i know i havent died because I have come back to the bot client at the "your account has not logged out from its last session" 

or you are using the password on multiple websites, however, reset your PC and change all passwords.

Share this post


Link to post
Share on other sites

Okay this sounds dumb but were you farming gold ? I mean I highly doubt it but does anyone else think possibly that jagex took the stuff off your account ? 

But why not have authentication ? 

I got hacked a year or two ago same as you a couple of account, I use auth and now never had an issue, accounts with up to 1B. 

Share this post


Link to post
Share on other sites

This is what I'm thinking too, I just checked the log of devices that have logged into my email and they were all me so either someone has somehow guessed the authenticator code multiple times or jagex knows I'm farming and wants me to keep buying bonds

1 hour ago, Pkpower said:

Okay this sounds dumb but were you farming gold ? I mean I highly doubt it but does anyone else think possibly that jagex took the stuff off your account ? 

But why not have authentication ? 

I got hacked a year or two ago same as you a couple of account, I use auth and now never had an issue, accounts with up to 1B. 

 

Share this post


Link to post
Share on other sites
2 hours ago, methler said:

This is what I'm thinking too, I just checked the log of devices that have logged into my email and they were all me so either someone has somehow guessed the authenticator code multiple times or jagex knows I'm farming and wants me to keep buying bonds

 

I mean its not un heard of I've even seen it but I would of thought you would of had a temp ban too, did you not log into the account for a period of time ? even 24 hours ?

Share this post


Link to post
Share on other sites
5 hours ago, methler said:

Brand new email and account created two days ago, both email and password are just random characters, no malware on my computer have ran virus scans from 3 different anti viruses and is a month old computer with nothing but osbuddy, tribot, steam games and chrome installed and the email linked to my authenticator requires phone verification on new computers

 This is either tribot or jagex, i see no other way, it's happened to a lot of my accounts, only this year and only the accounts I have botted on have been hacked, im not saying it's tribot but I'm wondering if this is jagexs doing because every time it happens im left with nothing of value in my bank at lumbridge with 3gp in my inventory as if I had died, i know i havent died because I have come back to the bot client at the "your account has not logged out from its last session" 

 

If you've got a rat installed on your computer, it's usually FUD (Fully undetectable) which won't even pick up with antiviruses - that's the scope of it being FUD. The only way to remove it is either to check task manager and check if there's a process always running that might be fake (I remember there was a time  where they all used to imitate svchost), or fully formatting your pc.

If it's not a rat, it means your email is probably leaked (possibly again)

 

Also, check your main email to see if the security/recovery email hasn't been changed. It's a possibility that if someone breached your email, they changed the recovery email so they simply can recover the email back alongside any emails connected to the main account. 

Share this post


Link to post
Share on other sites
9 hours ago, Pkpower said:

I mean its not un heard of I've even seen it but I would of thought you would of had a temp ban too, did you not log into the account for a period of time ? even 24 hours ?

I have sat there watch the bot disconnect, try to log back in to be on the account already logged in page then finally get back in after about 5 minutes

 

9 hours ago, Zulwah said:

 

If you've got a rat installed on your computer, it's usually FUD (Fully undetectable) which won't even pick up with antiviruses - that's the scope of it being FUD. The only way to remove it is either to check task manager and check if there's a process always running that might be fake (I remember there was a time  where they all used to imitate svchost), or fully formatting your pc.

If it's not a rat, it means your email is probably leaked (possibly again)

 

Also, check your main email to see if the security/recovery email hasn't been changed. It's a possibility that if someone breached your email, they changed the recovery email so they simply can recover the email back alongside any emails connected to the main account. 

No chance my emails leaked, no other devices have logged into it from Google search log and it requires phone verification to log into, a rat may be a possibility but in that case wouldn't the accounts im not botting on which are both worth a lot more and never been hacked have been hacked at this point? 

Share this post


Link to post
Share on other sites

this ha only started since I recently came back to tribot this year and has happened on nearly every account I've used the bot on, I'm taking a break from tribot to see if it still happens since it's been happening on a weekly basis and only on botted accounts, will report back regularly and let you know if any get hacked, i legitimately believe that it's either a leak through tribot somehow or jagex is staging hacks because it's definitely not just me this is happening to

Share this post


Link to post
Share on other sites
4 hours ago, methler said:

this ha only started since I recently came back to tribot this year and has happened on nearly every account I've used the bot on, I'm taking a break from tribot to see if it still happens since it's been happening on a weekly basis and only on botted accounts, will report back regularly and let you know if any get hacked, i legitimately believe that it's either a leak through tribot somehow or jagex is staging hacks because it's definitely not just me this is happening to

I'm a fairly new user and i haven't had this happen lol

Share this post


Link to post
Share on other sites
On Monday, March 27, 2017 at 2:44 PM, blasphemy said:

I'm a fairly new user and i haven't had this happen lol

Doesnt mean it isnt happening, theres no way this is on my end i have checked absolutely everything

 

 

 

Update: been a while without botting and no hacks on any of my accounts as of yet

Edited by methler

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Similar Content

    • By theholyone
      Not going to blame anyone but myself for always choosing "always allow", but can anyone here spot anything that might seems suspcious?
      right now i'm thinking "dice.rs" is the most out of place here
      both accounts pretty much used all the same scripts and were on account manager, my main has been untouched,
      both emails were changed from original email ( it was a random domain, never used anywhere else )
      Update: recovered both accounts, set up 2step email + auth on email + account, guess I should be lucky i got away with only losing 80m D:
      Picture of 3 scans + suspicious addresses
      http://imgur.com/a/Sd2Tt
       
    • By firegun101
      Hey,
      sorry if thread is in wrong place etc. but I really need help...
      The only scripts I've run in last week are daxchins and master chopper. Im using vip-e osbuddy via looking glass.
      After botting just fine and also manually playing and logging in and out yesterday and this morning. About 30 mins ago I tried to log back in but I was being told that I was using an incorrect password. Ive made sure that my password is correct and so proceeded to go onto the Jagex site. turns out, when trying to recover, my email has been changed too. now, someone has access to my account and I don't know what to do. not sure what personal details they could get from that account. 
      I'm not accusing anyone of anything, but the only thing RS related I use other than osbuyddy is tribot. Is it possible someone was able to take the information via tribot? I just can't think of any other way it could have happened. thanks for any help guys.
       
      p.s. I do have authenticator set up too. As of yet, I haven't seen the account logged in, so maybe they got stuck at that...
    • Guest
      By Guest
      i really dont play much, mostly off and on. only script i use is tri yak fighter on osrs. yesterday i was running it and i was logged out. i tried logging back in and my password was changed. i was able to change it back nothing was missing, but i tried to get on again today, but this time my password and email were changed; email was something like 2********@**.com. im not blaming tribot, im blaming the script; i will update with my appeal and virus scan. also, my other accounts i dont bot on are untouched. 
  • Our picks

    • Gradle is a build tool used to accelerate developer productivity.

      We recently setup a Maven repository (TRiBot Central) to make it easier for scripters to create scripts. Check it out here: https://gitlab.com/trilez-software/tribot/tribot-central/-/packages

      Furthermore, we've released a simple Gradle project to make it easy to run TRiBot and develop scripts for it. Check it out here: https://gitlab.com/trilez-software/tribot/tribot-gradle-launcher

      The goals of TRiBot Central are to:

      Deliver updates to TRiBot faster


      Better organize TRiBot's dependencies (AKA dependancies)


      Make it easier to develop scripts for TRiBot


      Make it easier to use and run TRiBot


      Note: TRiBot won't be able to run scripts from within this project until TRiBot's next release.
        • Like
      • 8 replies
    • Hi everyone,

      I'd like to thank everyone for their patience in this transition period. Since last week, we've worked out the remaining bugs with this integration.

      Some users have still been having issues with connecting their forums account to their Auth0 account. To resolve this, we've imported all forums accounts into Auth0.

      Unfortunately, the accounts which were imported today were using an unsupported password hashing algorithm. Hence, random passwords were set during the import.

      What does this mean for me?

      If you've previously linked your forums account to your Auth0 account, you don't have to do anything. Nothing changes for you.


      If you haven't logged in via our new login yet,

      Try logging in with your forums email address and the last password you used


      If you are unable to login, please use the "Forgot password" tool on the login page:
      Follow the instructions to reset your password
       
        • thonking
        • Like
      • 13 replies
    • Hello everyone,

      Last week we tried to roll out Auth0 Login, but we lost that battle. Now it's time to win the war!

      Important changes

      When logging into the client, you'll now have to enter your Auth0 account credentials instead of your forums credentials

      Note: 2FA is still handled through your forums account (for the time being)



      Changes for existing users

      You'll have to link your Auth0 account to your forums account here: https://tribot.org/forums/settings/login/?service=11


      Auth0 accounts have been created for most existing users. Please use your forums email address and password to login.



      Important notes

      Make sure to verify your email address upon creating a new Auth0 account


      When we mention your Auth0 account, we mean your account used for auth.tribot.org as displayed below
      • 81 replies
    • To better support the upcoming changes (TRiBot X, new repository), we're switching our login handler to Auth0. Instead of logging in with the standard form, you'll now be required to login through our Auth0 application.

      All existing accounts which have been used within approximately the past year have been imported into Auth0 using the same email and password combination which has been stored on the forums.

      What does this mean for users?

      Your account credentials are now even more securely stored


      You'll be able to login via Facebook, Google, and others in the future


      Is there anything users have to do differently now?

      Existing users: You'll have to login with the standard login, open your Account Settings, then link your Auth0 account


      New users: You'll be redirected to our Auth0 app (auth.tribot.org) where you'll be able to create an account


      Why was this change made?

      The new apps we are creating (such as the new repository) aren't able to use the forums to handle user logins


      To centralize all user accounts in one area


      To ensure that the client login doesn't go down when the forums are having problems


      To speed up our development


      Other considerations

      There's no documentation or official support for using Invision Community combined with Auth0, so there are still a few kinks we're working out


      We're in the works of creating an account management panel specifically for Auth0 accounts (ETA August)


      It's not possible to change email addresses for the time being (this will be resolved this August)


      Changing passwords is a weird process for the time being. To change your password, you'll have to use the "Don't remember your password" tool on the Auth0 login page
        • Like
      • 11 replies
    • Over the past month, we've been working hard on TRiBot's new repository - a much needed update. This change has been deemed necessary for TRiBot X, and will allow us to really speed up development of all aspects of TRiBot.

      Today we are going to share what we've been working on!


      Now you must be wondering what kind of features the new repository will have.... well, you'll have to be patient for a little while longer. We're still figuring out various technical aspects so we can't provide answers to all possible questions. We're also focusing on development rather than writing about it so that everyone can get access to our latest developments at lightning speed. I will however answer a few users' questions.

      We're planning on a release of this early to mid August, giving users some goodies before TRiBot X's release.

      Thank you all for being patient. I hope everyone is excited as much as I am!
        • Like
      • 17 replies
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...