Thread: XEROS - #1 317 OSRS - 250+ - HD - Fastest Growing RSPS

Page 8 of 9 FirstFirst ... 6789 LastLast
Results 71 to 80 of 83
  1. #71  
    Registered Member
    Join Date
    May 2021
    Posts
    44
    Thanks given
    11
    Thanks received
    7
    Rep Power
    73
    Quote Originally Posted by Omar View Post
    R-S Admin Response  Xeros Compromised
    Waiting for proper disclosure from the Xeros team. Until then, I've gone ahead and removed the OP and locked the thread. Earlier today, it came to our attention that Xeros had been compromised.

    It would appear that there has been a password stealer for Chromium-based browsers (Chrome, Brave, Opera, Yandex, etc) as well as a Discord token stealer in both the client jar and the launcher for at least the past couple of days.

    It's hard to say exactly how long as we are going by the modification date of the malicious files, which are dated November 2nd 21:00 UTC+0. However, all this means is that it is likely the current version of the malicious jar has been around since about that time. This does not mean that people who played the server prior to that date are safe:

    • File modification dates themselves can be modified, obviously. This means something can be created in the past and then be given a date in the future.
    • The current malicious code may only be the latest iteration. Xeros may have been compromised prior to November 2nd 21:00 and may have had a different malicious jar on the site, which may have been swapped out at later date for the current one, for whatever reason (e.g., replacing the jar with the latest client update, adding more features to the malicious code, fixing a bug in the malicious code, etc).


    It is absolutely certain that both the client jar and launcher on the site are affected. However, what is less certain is the situation for users who have been using the auto-updating launcher prior to whenever the website was compromised.

    I have received an older version of the launcher from the 11th of October from @Clayus that does not appear to have any malicious code embedded inside of it. The older launcher downloads the client itself from a URL located on a separate server hosted at NFOservers, which is the same URL used in the malicious launcher. The jar found at that URL does not appear to be infected. So, while I would never speak in such certain terms as "you're safe if you played before X date"—and I hope the Xeros team also refrains from such language when they make their announcement—but it would appear that only the Xeros website itself was compromised and players who played with the launcher prior to this week may be okay.

    Regardless of which camp you are in, I would highly recommend that you take proper steps to secure your computer as well as change your passwords.

    Special thanks to @FlSK for bringing this to my attention.


    ---

    TL;DR: XEROS IS COMPROMISED - If you have played recently, please change your saved browser passwords as well as your Discord password.
    Thanks for the info!
    Reply With Quote  
     

  2. #72  
    Extreme Donator

    Noah's Avatar
    Join Date
    Jul 2019
    Posts
    113
    Thanks given
    33
    Thanks received
    35
    Rep Power
    93
    bump
    Reply With Quote  
     

  3. #73  
    Extreme Donator

    Noah's Avatar
    Join Date
    Jul 2019
    Posts
    113
    Thanks given
    33
    Thanks received
    35
    Rep Power
    93
    bump
    Reply With Quote  
     

  4. #74  
    Extreme Donator

    Noah's Avatar
    Join Date
    Jul 2019
    Posts
    113
    Thanks given
    33
    Thanks received
    35
    Rep Power
    93
    bump
    Reply With Quote  
     

  5. #75  
    Extreme Donator

    Noah's Avatar
    Join Date
    Jul 2019
    Posts
    113
    Thanks given
    33
    Thanks received
    35
    Rep Power
    93
    bump
    Reply With Quote  
     

  6. #76  
    Registered Member
    Join Date
    Apr 2022
    Posts
    36
    Thanks given
    5
    Thanks received
    2
    Rep Power
    55
    widly leaked.. bu tnice.l
    Reply With Quote  
     

  7. #77  


    Monk's Avatar
    Join Date
    Jan 2016
    Posts
    335
    Thanks given
    485
    Thanks received
    191
    Rep Power
    567
    Bump!

    Still holding strong and peaking over 450+ online players daily! Come join us today!

    I am also running a clan of 300+ Irons if you care to join as an Ironman, you can find us under the clan name "Iron Clan".

    Attached image
    Reply With Quote  
     

  8. #78  


    Wayne's Avatar
    Join Date
    Jan 2012
    Posts
    173
    Thanks given
    136
    Thanks received
    103
    Rep Power
    473
    BUMP FOR XEROS

    Me & @Monk are currently running the largest clan on Xeros " Iron Clan " 99% iron members (250+ active in the clan/discord)

    Xeros is still running very strong with an active 400-600 people on daily! Plenty of content, active community, active staff, come on over!

    Attached image
    Reply With Quote  
     

  9. Thankful user:


  10. #79  


    Monk's Avatar
    Join Date
    Jan 2016
    Posts
    335
    Thanks given
    485
    Thanks received
    191
    Rep Power
    567
    Bump!

    Come check out Xeros, the server has been BOOMING with 500+ online daily!
    Reply With Quote  
     

  11. #80  


    Monk's Avatar
    Join Date
    Jan 2016
    Posts
    335
    Thanks given
    485
    Thanks received
    191
    Rep Power
    567
    Bump!
    Reply With Quote  
     

Page 8 of 9 FirstFirst ... 6789 LastLast

Thread Information
Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


User Tag List

Similar Threads

  1. Replies: 114
    Last Post: 08-08-2021, 01:48 AM
  2. Replies: 41
    Last Post: 05-20-2021, 07:23 AM
  3. Replies: 20
    Last Post: 01-09-2021, 07:57 PM
  4. Replies: 69
    Last Post: 08-17-2019, 11:45 AM
  5. Replies: 72
    Last Post: 10-19-2016, 05:04 PM
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •