• Welcome to The Wilderness Guardians - OSRS Clan - PvP, PvM and More - OSRS Mobile Clans.
 

[color=limegreen][b][Security][/b][/color] Account Security

Started by Checkley, January 19, 2012, 10:47:50 PM

Previous topic - Next topic

Checkley

Updated Guide

Making a quick guide on the most popular ways people manage to steal RS passwords. After reading Keanus' informative guide I decided to add to it quickly by telling you how to protect yourself from someone who actually has a decent knowledge of computers and not somebody who relies on Phishing.

All you need to protect yourself from attacks is common sense. Nothing more nothing less. Don't Run or Download anything you don't trust and even then, you could still be in trouble. I'm going to try and show you why.

R A T ( Remote Admin )

A remote administration tool (RAT) is usually the project of a Trojan download which i'm sure most of you know is a virus, i won't go into detail but once you have managed to achieve the status of having a RAT on your system you can expect the attacker to have the following access to your computer:

~Webcam Control
~File management (Meaning they can Download, Delete and Execute.
~Control of your shells via CMD
~Computer control
~Registry management
~Can log Keystrokes
~Can capture bankpins.

How to avoid being Ratted?

Disable automatic startup for applications that you only use occasionally. Anti-virus is more than likely going to fail to detect it.

Do NOT run any Java from sites that you have been linked to and or found on any Runescape Related site apart from the official Homepage. This includes any "IRC" chat links like Minichat etc. Any videos. All Private servers.

A RAT will be extremely difficult to detect.
A RAT will be quite hard to remove if you do not know where to look for it.

If you think you have been infected.

1. Download Malware Bytes Software.
2. Upload your Malware Bytes logs using http://www.pastebin.com
3. Private message me on IRC.

Reason being is that your original Software could be damaged and in turn not actually do what it's meant to. Always Remove it manually.

Trojan Downloader.

Usually a Trojan will appear as a normal program that the unsuspecting user downloads. Once it is run on the system, the designer then has access to that machine.

Once running, the Trojan then uploads hidden programs such as scripts and commands including RAT's and less advanced Loggers.

The Trojan is not necessarily the problem in itself as many are not malicious. Although find one on any runescape related programs and this gives the attacker access to download what he wants on your computer.

How to avoid

Any programs you are planning to download. Upload them on www.virustotal.com. This will scan the program with 20-30 different anti virus programs which is allot more accurate than just using your own. If anything malicious appears. Trojan or not Google it, if you don't like the look of it don't open or run your downloaded file. FILES ARE NOT DANGEROUS UNLESS YOU HAVE GIVEN THEM PERMISSION TO EXECUTE. Meaning you can download a file packed with thousands of malicious programs and as long as you don't run it you won't be harmed.


JAVA DRIVEBY
[/font][/size][/color]

A Java Drive-by is a webpage that creates a fake java applet. When a victim goes to the website, they will get a java box asking permission to run. If they click Run, the virus will be downloaded and executed.

A very popular and discreet way of spreading a Virus.

As you know Runescape needs permission from Java to load it's client. A malicious program will be found and look VERY similar to what you see on the Runescape Page. With the difference being that when you click "RUN" you will have given permission for the attacker to download the RAT onto your system and therefor Gwas your bank.

Teamviewer.

App used to view your friends monitor, often to help him in some way. Basically they can Download malicious software using this method. Be carefull if you do ever use it. Low risk but it's basically a trust issue.

Morale of the story is.

DO NOT RUN ANY .EXE FILES YOU THINK ARE SUSPICIOUS WITHOUT UPLOADING THEM ON WWW.VIRUSTOTAL.COM OR SOMETHING SIMILAR TO PROVE THEIR INTEGRITY.

DO NOT RUN ANY JAVA YOU FIND ON ANY RUNESCAPE FAN SITES OR ANY OTHER SHITTY SITE.






How do you know this works?

Because i have been hacked 0 times. I plan to keep it that way.

All attacks will revolve around .EXE files in one form or another.

Keanu has covered the rest with his guide.

Don't be noobs.

The guide is maybe a bit hard to read but if you feel you do need help then take the time.

Randy

Thank you for this guide.
In the past people have PMed "runescape forum" links that went to dodgy sites.
If that happens to you, either ask for a quick-find code or don't click on it.



I am the one who bends!
WG for 7+ years

PineappleTom

Great guide Andy. Possibly make the font a little easier to read in certain sections? (The red underlined area is particularly difficult - but I might just be too tired).

Thanks for the heads up!

JC

Like others have said this is a fairly good guide, the sad part is that most people who actually bother to read it generally don't need it and the ones that do will be too lazy/stupid :fp:
To strive.
To seek.
To find.
And not to yield.

Wayshow

Thanks andy :)
Simple enough for a computer idiot like me :D



Brent147

Excellent guide! I'm sure this will come in handy for newer members joining the community.
Proud to have served as the leader of the Wilderness Guardians.


heitorpacheco


JalJad

the java-driveby's are pretty common.. people advertise a clan and when u go to join it brings up a fake forums page .. pretty sad tbh.