Runescape Fan Sites Hacked

At least two Runescape fan sites have been hacked in the past week. RuneHQ was hacked a week ago and now Tipit was hacked yesterday Oct 11. If you have any accounts with those or other fansite's you should reset your passwords ASAP (especially if you’re crazy enough to use the same password for your main runescape account!)

It may just be coincidence, but it's odd how the tip-it hack happened the same day the tip-it site was mentioned in Jagex's news update titled "Update on our ongoing battle against bots"

http://services.runescape.com/m=news/up ... -battle-against-bots .

Nope. Just an RSBandB person. I don't think I ever made an account on the others. I used to use some of their databases, but since I rarely play Runescape anymore, I have no use for them. The calculators here are about the only things I really need if I ever play. It is odd they got hacked. Not sure it had anything to do with the update on botting.

Not sure if I had accounts, I know I've been to both sites. Changed pass.

Runehead was hacked twice maybe three weeks ago. It was so severe that most of the clan memberlists were altered, having the name of their clan and website listed changed to a site with a key logger. It was extremely troublesome, because Runehead has a wait time to change your clan name, so we all had to put up with the fake names for a week. -.-

That's kind of strange they'd call all the posts by their users junk and wipe the forums making everyone re-register.

If it's any consolation, RSBandB isn't going anywhere. We're a small community but Shane and I have spent a lot of time on security and if we do manage to somehow get hacked, we have regular backups.

Thanks for the info. Lucky for me I keep my rs account secure and use different passes everywhere.

I don't think botters or bot sites would put the effort into taking down sites that are anti-bot.

First, players who bot to play the game aren't really as effected by Jagex's methods as the gold-farming bots are. The gold-farming bots tend to be the most obvious, and simultaneously the least important to those who run them, and I can't quite see a major gold-farming group going through the effort of taking down anti-bot fansites. Even if that effort did somehow help bot farmers, it would end up helping all bot farmers, and the time and effort needed for the hacking would have likely been better spent on them improving their own bots and watching their competition fail.

Second, I don't think players that bot honestly hate or give a **** about anti-bot players. I've made a video which directly complains about bots, and it's been shared on several bot sites (YouTube tells me where my vids get views from). The people there actually enjoyed it and couldn't care less for my anti-bot attitude. Hell, some of them even came to my video and commented or subscribed, when I make it pretty clear I'm sick of what bots have done to the game.
So if it was indeed botters who had RuneHQ and Tip.It taken down, it was most likely for the lulz, not for any hatred or "punishment".

I'm betting this actually has little to do with bots, and more to do with scammers, hackers, and phishers. As a result of these two hackings, the amount of RS-related phishing spam I get in my email has quadrupled. I'm pretty sure passwords and recovery hints are exactly what they're after, and I don't think the timing of the newspost on botting has much to do with Tip.It's hacking (I imagine, depending on how they attacked Tip.It, that planning and preparing the attack would have taken more than just a single day... This obviously wasn't just a simple DDoS, or Tip.It would have come back by now.)

RuneHQ said their hacking was due to an exploit of some old, outdated code in their system, not someone cracking the admin's password.