It's recently come to our attention that a pro-cheating community is targeting accounts here on this forum in an attempt to gain access to RuneScape accounts. A member of that community has developed a tool which essentially uses a list of "common" Internet passwords, and a list of forum member accounts, to perform a brute force attack on our forum in hopes of getting the correct username and password combination to a member's account. It then attempts to use this combination to log into RuneScape.

We have messaged the forum members on this list who are at risk, but being excluded from the list doesn't mean that your account is safe (the list can be changed later). We strongly urge you to check that your forum password is "strong" (8 or more characters long, a mix of letters, numbers, and other characters), and is unique to this forum. Don't use the same password for your forum account and any other accounts you might have! This goes for all of your various Internet accounts - use unique passwords for each one!

We aren't going to post the name or URL of the site responsible, so don't ask!

Oo, that doesn't sound good! Thank God I use different passwords for everything!

Woot! 1st Post!!

Eh, I probably need to change my password.

Oh well, nice to know y'all're looking out for us.

Why me? (Hackers will die when they access my account. )

One question though, do you happen to know what the accounts being targeted have in common?

Or is it by a random selection as to who is being targeted?

My guesstimation is that is just completely random. They probably have nothing in common.

Your forum username is probably on a list of common RuneScape usernames.

I just changed my password. At least I set it so my computer remembers my password

Thanks for the warning, although my password is impregnable.

just changed my forum and rs password to something more complicated. why would hackers target me when they could hack some level 138?

Uhh, cmmon bring it im not scared, different passwords for everything.
Thanks for the warning Sal!

because their accounts would be impossible to hack, while a low - med leveled person is an easy target because they think that.

Wait wait wait...

What if Sal got hacked and needs everyone to change their password so that he (the hackers) actually get all our passwords?!?!?


Manchurian Candidate: Sal's Realm.

How did people get selected to be hacked? I mean this really sucks...

I was selected on the risk list, although I changed my password and I think I should be fine.

(Thanks to Sal again for the PM)

OH MA GAWD WE'RE ALL GONNA DIE! Man the cannons!

Changed my overly long password to make it even more longer.

EDIT: You're basically safe as long as you don't have a bad password like "password" or something.

We're supposed to use a different password for everything? Woops.... Time to change it.

Thanks for the head up, I feel special that they are trying to target me

I'm guessing the person targeting members looked at the post count totals. Everyone thus far who mentioned receiving a PM from Sal has over 1k posts. I'm not too worried about my account here at Sal's. It's far easier and quicker to reestablish my account on Sal's than on Runescape. My RS password is pretty complex and unique anyway. Have the Admins taken a look at the lock-out system of account login failures and made any changes?

Edit: Because this post is continuously getting quoted, I'd like to point out that I used the terms "guessing", "thus far", and "who mentioned" within this very post. I also said in post 29 that it's more likely a combination of ways in which the hacker targeted people along with a few random selections as well.

They probably went by Combat level and maybe looked at Bank Pictures topic in Other Screenshots.

Then why was I targeted? I haven't posted there, and am only a level 107/114.

if this is true i cant wait until they hax somone who has 3k+ posts and finds out their rs character is a level 30 with full mithril.
look on face priceless.

Which is why I'm guessing post count and not actual RS account info.

Edit @ Skelengel: With all the steps to prevent RWT, I'm guessing any Runescape hackers of today aren't looking to trade items, but rather trash an account with warns, mess up pures by training different skills, dropping items, or hope they find an inactive, high leveled account to play.

true that

hackers of 2005= chinese rwters

hackers of 2009=sociopathic losers.

I was on the target list, so I changed my password to something stronger, even though my Sal's pass and R.S pass are different.
Meh, hope this blows over soon.
~Piggeh

Because a lvl 138 can be expensive if someone decides to sell it, you can get a lot more buyers with $20 a pop than you can get for $400.

Not that they actually get to use the account for very long but there you go...

And a player mod account is worth considerably more.

I got a pm from Sal, and I have under 300 posts Agent. I'd say they are simply going for anone who they know is fairly wealthy or is level 100+
I feel nervous now

im thinking they had a look at your sig and saw you were 132 combat.

^ Yes. That was what I meant, they must be targeting the high levels.

I wouldn't consider Hybrid a high level and he doesn't seem to fit into your qualifications. It could easily be a combination of ways for the hacker to have chosen targets. I was pointing out the correlation I noticed based on the posters before me.

Edit @ Hybrid: There is nothing for me to consider. I made a guess based on what I seen at the time. I later modified that guess. I was not apart of the private discussion so all I can do is make an educated guess based on what I see.

I would have considered 16M for a free player to be decent, but for a member, I'd consider that nothing. Anyway.... that's not the point I was getting at, so let's move past rating your account and back to the issue at hand.

Why does it seem like everyone is panicking here? If you're worried, just change your Runescape and/or Sal's forum password and be done with it. The issue is then resolved.

hybrid has multiple topics in the screenshot place showing that he has 16+ mill gp so im guessing that was the reason for being targeted as was mine since 103 isnt really a high level.

Because if they figure out your Sal's Realm password they figure out your RS password!

And I lol'd @ Light.


I thought I was special for getting a PM.

Changing it to something longer would be better, I guess.



19 letters in Runescape, 20 letters here.



I'm sure they're more interested in selling accounts. You can easily get $100 for an account in the low 100s.



Although a player mod would be banned/recovered/whatever easily. Jagex really cares about those and has higher security measures for them.

My pass is extremely easy but will drive peeps crazy guessing it.
idc, my rs account is well protected

Do the hackers know both the forum name and password for each member? Or do they just have a list of most commonly used password?

The forum database hasn't been compromised. The hackers are using a list of commonly used passwords and trying to login to Sal's accounts using this list. If they are successful, they'll check your profile and/or posts for your Runescape name. Then, they'll try combining your RSN with your Sal's forum password in hopes they can log into Runescape. An article posted on whatsmypass lists 500 commonly used passwords. I'd post the link but some of them are innapropriate. I suggest alternating alphanumeric characters (those that are letters and numbers) like 'd7g1h9w7v4s9'. It might be a pain to remember at first, but it's so much more difficult to hack as opposed to a continuous string of letters or numbers.

Heh... I just changed my password on the forums... But then I realized that my Sal's password and my RuneScape passwords were already different before I changed them, and also that I had quit RuneScape...

Thanks for the heads-up Sal.

Thanks for keeping us updated on current threats Sal

--Tws

Hooray, I've been selected!

I can't be bothered changing my password, and I have a different password for my RuneScape account anyway. I imagine they'll want my Sals account though, because I'm a pretty big deal.

Ok, so I am slightly confused. Is this "site" taking our account info off of another Runescape fan site and trying to gain our password(s) on that site, and then seeing if they work on other fansites such as Sal's? Or is this "site" violating its own Terms of Use and taking passwords from its own members who have registered there? (I know the ultimate goal is to gain our RS accounts, but I want to know how exactly this is going down)

I'm curious as to what exactly is going on, rather than being told that our accounts may be in danger. And has Jagex or the company software owners of that site been notified?

Thank you,
-Aanders5

I don't fit the mould either though. In wealth, cb, or post count. I think it is thoroughly random guys, as I was targeted.

What a welcome back to Sal's. I've been gone awhile and come back to this. Well, Sal did a great job of informing us and telling us how to stay safe so I won't worry. (I don't use the same passwords either at any rate). Another good idea is not to store your passwords on your computer if you are one who keeps them in case you forget.

-Rayn.

On the list, less than 1k posts, Combat 106. Thanks for the heads-up. Changed. My forum password really wasn't that great, so I upped the difficulty significantly. RS one is different already.

I may not be the "highest" leveled player, but please do take into consideration membership status. I know a few other "good" F2Per that have also been PMed. (Total level might also be a factor as to who is selected, along with membership status.)


Never knew a few people actually go into that sub-forum.
It might have been my cash, but there are for sure other people that are F2P and more money than me on this forum. (I was the most recent topic starter that showed my cash, so guess they picked me. )


I thought I was special too.

I received a PM and I don't even have 500

As

A group of people have a list of Sal's usernames that somehow they've picked. They're trying to break into the Sal's accounts using common passwords. If they break into an account on Sal's they try the password on the associated RS account.

different password ftw

But.. but... I'm not even 100 combat and I only have 500 posts. ;o

Thanks for letting me know -- and now I can say I got a PM off Sal

you have a clan chat rank
that's why

URHHHH
I changed my password then forgot it, More memorable perhaps?

Doubt it, I received a pm from sals, and my bank is under 10 million, stats aren't much to go by either - only one 99 and incredibly low defence, + I've under 1k posts...

There you go, blown you theories!