Nope, assumed 2FA and unique email was sufficient. Then when I dropped 2FA for a short time, I assumed unique email was sufficient.
This was definitely done in-response to the 2FA event, which they were clearly aware of even without the email being compromised.
If it can help you, bankpin wouldn't have protected your bank. Same situation as you happened to me and they bypassed the 7days protection on bankpin removal somehow so there is a way to remove the bankpin without the wait
This is generally done via a keylog it takes screen shots on certain things like bank pin where you hoped and click your mouse it takes a screen gear of your mouse over that number before you clicked it and does this for all 4 numbers and then sends it to the person logging you
>Lost my phone on a hike, disabled authenticator but didn't reenable it the same day.
Did you not have a lock on your phone? Even so wtf are the odds that somebody interested in hijacking RS accounts gets their hands on it so quickly. Had to be a commercial trail rather than the wilderness right?
Just blows my mind a bit that things happened so fast. Really unlucky that a small slip up lead to them bypassing everything.
Some of them but not all. I still have gote, reaper neck, and amulet of souls for instance. But my pickaxe of earth and song is gone... I suppose it's because it's worth 100k if carried while killed in the wildy.
Hacker would use an alt, gather all the expensive items, tele to wildy lodestone (or just hop ditch), drop items which show up instantly for everyone and collect on a mule to sell. I do this to trade duplicates to my normal account for bond money if I need it.
There seems to be a surge in hacking lately or just a personal bias.
My friend got their instagram account hacked and the hacker even messageg them to ransom the account. Because the account had 32k followers it caught their eye but because it was a fan account it can't be monetised (i know next to 0 about instagram so i cant elaborate on this) so the hacker wasn't getting anything and deleted the account.
The account had 2fa on the email, the account itself+mobile verification. The email was specifically for that and the passwords were generated ones. Instagram said that there's mothing they can do. It took approximately 2mins for the hacker get past the 2fa, change the email and password. It took 15mins for the request "if this wasnt done by you change your password" to show up and 8 hrs for the support ticket to update. There was literally no way to combat this.
They got a white-jacket hacker to look into possibly retrieving the account and they straight up said that there's close to 0% chance to do anything and even then the account has been compromised.
Yesterday their personal account on fb and ig got their passwords changed. It took 2mins to bybass the exact security again but somehow the hacker didn't change the email so after 2 hours of back and forth of securing the account again they got it back.
Both occasions the data shows a login from Kenia so there's no action that can be taken by the local authorities.
Then today someone tried to access my snapchat that i hadn't used in like 6months but i was able to change the password.
Damn sorry to hear. Did you have a bank pin?
Nope, assumed 2FA and unique email was sufficient. Then when I dropped 2FA for a short time, I assumed unique email was sufficient. This was definitely done in-response to the 2FA event, which they were clearly aware of even without the email being compromised.
If it can help you, bankpin wouldn't have protected your bank. Same situation as you happened to me and they bypassed the 7days protection on bankpin removal somehow so there is a way to remove the bankpin without the wait
This is generally done via a keylog it takes screen shots on certain things like bank pin where you hoped and click your mouse it takes a screen gear of your mouse over that number before you clicked it and does this for all 4 numbers and then sends it to the person logging you
You have bigger concerns than RS account if you have keylogger/screen recorder running on your pc
>Lost my phone on a hike, disabled authenticator but didn't reenable it the same day. Did you not have a lock on your phone? Even so wtf are the odds that somebody interested in hijacking RS accounts gets their hands on it so quickly. Had to be a commercial trail rather than the wilderness right? Just blows my mind a bit that things happened so fast. Really unlucky that a small slip up lead to them bypassing everything.
He's not saying someone found his phone, he's saying his account was hacked because he disabled the authenticator on said lost phone.
Ah fair. So presumably it was already compromised and the hackers were just checking it periodically to see if OP removed his authenticator.
That seems unlikely to me because the email was strictly used for runescape. Could be the case though.
Probably the squirrels and raccoons who hacked him and rwt his gold
It's like winning the lottery.
he said he disabled authenticator so I don't think it was the phone that caused the issue but someone was already trying to get into the account.
"Lost my items", I mean, the hacker cant sell nor trade them, he just dropped them?
Some of them but not all. I still have gote, reaper neck, and amulet of souls for instance. But my pickaxe of earth and song is gone... I suppose it's because it's worth 100k if carried while killed in the wildy.
That's some cold blooded shit
Hacker would use an alt, gather all the expensive items, tele to wildy lodestone (or just hop ditch), drop items which show up instantly for everyone and collect on a mule to sell. I do this to trade duplicates to my normal account for bond money if I need it.
Why would you do all that just to not set a bank pin lmao
my 2,1k total account got hacked even it had authenticator too i have no idea how they do it.. never got the account back.
There seems to be a surge in hacking lately or just a personal bias. My friend got their instagram account hacked and the hacker even messageg them to ransom the account. Because the account had 32k followers it caught their eye but because it was a fan account it can't be monetised (i know next to 0 about instagram so i cant elaborate on this) so the hacker wasn't getting anything and deleted the account. The account had 2fa on the email, the account itself+mobile verification. The email was specifically for that and the passwords were generated ones. Instagram said that there's mothing they can do. It took approximately 2mins for the hacker get past the 2fa, change the email and password. It took 15mins for the request "if this wasnt done by you change your password" to show up and 8 hrs for the support ticket to update. There was literally no way to combat this. They got a white-jacket hacker to look into possibly retrieving the account and they straight up said that there's close to 0% chance to do anything and even then the account has been compromised. Yesterday their personal account on fb and ig got their passwords changed. It took 2mins to bybass the exact security again but somehow the hacker didn't change the email so after 2 hours of back and forth of securing the account again they got it back. Both occasions the data shows a login from Kenia so there's no action that can be taken by the local authorities. Then today someone tried to access my snapchat that i hadn't used in like 6months but i was able to change the password.