Jump to content
Frequently Asked Questions
  • Are you not able to open the client? Try following our getting started guide
  • Still not working? Try downloading and running JarFix
  • Help! My bot doesn't do anything! Enable fresh start in client settings and restart the client
  • How to purchase with PayPal/OSRS/Crypto gold? You can purchase vouchers from other users
  • Try asking for help in the chatbox
  • Scam report - Antonio Kala


    oh_my_goth
     Share

    Recommended Posts

    All members involved: Oh_my_goth (Me)  & Antonio Kala (Account seller) https://dreambot.org/forums/index.php/user/91919-antonio-kala/?tab=feedback&st=40

    Thread Link:  https://dreambot.org/forums/index.php/topic/10555-completed-tutorial-accounts-and-7qp-quality/?do=findComment&comment=99408
    Explanation: Sold hundreds of lvl 3 accounts to me, recently been recovering/hacking them shortly after membership shows up on the account.  Method using I believe is Runescape.com main page.  Logs in, checks for membership, changes password/waits for an opportunity to steal items and let the bots essentially 'run for him'.
    Evidence: Lots & lots of chats.

     

     

    Let me start with 2 things.

    1) Prepare for alot of reading, I type alot.

    2) I take full responsibility in my part that was account security.  I am aware all of this could have been avoided with simply changing the passwords, myself. Regardless of this, the user has scammed, and I expect some sort of punishment towards him.  I debated whether or not making this thread - as I have absolutely nothing to gain by publicizing my loss, might even make me seem like a noob, regardless, I do not want this to happen to anyone else.  It is simply horrible to wake up one day, and know all your hard work is being leeched no matter what you do.  He was very sneaky as to how he stole my accounts and tried to 'offer me possible solutions' , I hope I am not the only one that thinks it's the most obvious thing of what has happened, here, due to his possible rep in other places.  This is DreamBot.  Not Osbot, not scythe, not anything other than DreamBot.  He doesn't even have VIP, he literally has nothing to lose here by scamming one user that doesn't even have 4 months on the website.  at least I'm hoping this is not the case, and he gets what's coming to him.

     

     

     

     

    https://gyazo.com/ec40967c69c92f7ee4e5f6084a31fbcd - Antonio Kala's Skype

    https://gyazo.com/097cc578a84fb3041c01a32701630a0b - Snap of his thread stating his skype.

     

     

    June 25th, 2017

    https://gyazo.com/5c3a1e02d27dcd549348da2aee27c4a0 Have a feedback on this date marking out first ever trade.  Bought 3 30 accounts. 

     

    June 30th, 2017. 

    https://gyazo.com/13722e62f97d24ba8ce0ea0ef81fdbd0 Bought my first batch of 100 lvl 3s from Antonio Kala. 

     

    July 13th, 2017

    https://gyazo.com/d2f15275d48d609758fcd334d50a35e2   Bought another batch of 100 accounts.  Have feedback for this sale as well.

     

     

     

     

     

     

    July 17th, 2017

    https://dreambot.org/forums/index.php/topic/11020-courtesy-announcement-market-crash-this-week/

    I wanted to somehow talk to the community I guess?  As an individual botter, I have nobody to talk to about botting.  I attempted to talk in the spam section to at least get some spam goin' on if anything.  Talked about my farm and how I hold a large amount of items and went into some details, showed a screenshot for a while of some examples (which I later removed for security reasons).  

     

     

     

     

     

     

     

     

    Friday, July 21, 2017.

    https://gyazo.com/95e66829de6f15f4343a7885dc6e3a1b ---  Bought another 100 accounts.  have the feedback for this.

     

    https://gyazo.com/4fa8c849bc48ad2c267bc2e9ad292816

    https://gyazo.com/77f96fafe40a55cc78669f161da96aee

    I bring up a possible issue with his accounts & security with using the same exact password. 

    https://gyazo.com/e43b3c6c25fa1265413ec487f62c190a

    I explain I had something unsual happen.  What I didn't explain, is that I noticed those 2 accounts were compromised, because I noticed those same 2 accounts were drained of items to a point where the botting's run wouldn't be affected (as it only needs cash to run which was obvious with the account setup and location), and would seem as if it was the bot's fault (spoiler, it wasn't)

    I explained to him what happened to me after this, those same 2 accounts had gotten their passwords changed a while shortly after that event (day or 2, don't remem exactly)

     

    https://gyazo.com/daf150bc0bac2b479f974c7f2bf6c1ac?token=7c3580e8d9131d1d82b272c94d305547

     

     

    Based on the suggestion he made of the account being "banned" I made a whole conclusion as to what was happening to me due to mule bans I had after my thread (I didn't understand what a dumb move I made with that thread, as Jagex removed every single one of my remaining mules & items from RuneScape existance) based on knowing my home IP was IP banned for goldfarming, I imagined it WAS Jagex's banning methods.

     

     

     

     

     

     

     

    Keeping in mind my account seller suggested they're bans I started documenting my results to get around bans, by figuring out a pattern.

     

     

     

     

     

     

     

    Thursday, July 27th, 2017.

    https://gyazo.com/f4715a7ac6f35cbfbb63ad7fe635221e 

     

    https://gyazo.com/b80ecf7285afcbfccd82199eb1c28bf8

     

    Here I explain a really really bad theory as to what's happening to my other accounts - as the most logical would be my account seller, but I had ruled out that theory by checking their last log-ins.  They all seemed to be showing up 2 weeks minimum, which was indeed correct.  They were not tampered with in-game , until after membership appeared on the account.  (remember where he asked me if the accounts were p2p? what business it it to you, sir?)

     

     

     

    https://gyazo.com/f0a4260acc26f506c42e8ba8ed0f6873 -  Thursday, still, I explain to him I'm running 30 + Arcus123 passwored accounts (HUGE MISTAKE) and the pattern I noticed was same bots (because I used his accounts to the same methods) arcus123 pretty much.  At this point I was certain it was the accounts.

     

     

    Ever since that day, the casualties went from 1, 2 accounts with dissappearing items, to 5-10 at a time with incorrect password errors mid-bot at randomized hours.  I kept documenting the bans, the times lasted, day bonded, day 'incorrect password' error was shown, which vpses I had issues with.

     

    After this day, I did not add more bots.  I just watched the results.  At this point, I knew the accounts were being my issue.

    Every day, I had compromised accounts in some way, shape , or form.  I'd replace about half of these bots with accounts that Romfan supplied me approxmiately 2 months ago, and a few I had saved from when botting tut isalnd was easy that were aged at 3 + months.  Antonio's accounts were recieving this issue at 'random' , incorrect password.  I was down to my last 13 of Antonio's accounts Saturday morning.  I decided to change the password for them, as I needed to rebuild my farm for the weekend.  I successfully changed 11 accounts, as 2 of them were already chosen to be stolen in the near, near future.  These were not simple lvl 3s.  One had combat stats, and another had high cooking & moderate firemaking.   (Also one 2-day old mule was hit, it had 26m cash, woke up to 16m lost mysteriously) arcus123 password .

     

     

     

     

    Friday, July 28th, 2017

    https://gyazo.com/cb35f1515c33f8999e94a1d22dff7b4e - Started doing research in regards to the user & his accounts.  No issues whatsoever according to them (which is why I used Almond's accounts supplied by Antonio to test my theory out) 

     

     

    https://gyazo.com/a500880370fd18bb126b3e30ef43974d  Also warned Antonio I was onto him, and was going to open a Scam dispute against him, hoping to see a crazed reaction.  I was not disappointed in his reaction.

     

     

    July 29th, 2017  

    https://gyazo.com/f17664bccc0d5d15fab6c573c09c090a He went feedback digging on my DreamBot profile to see what accounts I had bought

     

    Furthermore - I bought accounts from Almonds. A user that bought accounts directly from Antonio Kala.  I bought Antonio's accounts via the same method, format, and skpe that I had recieved the batch that Antionio delivered personally.  These seem to be running perfectly fine with a cherry on top.

     

    https://gyazo.com/9a2bbfc396ae6a19fd1841cd06a21f40 - I had told him earlier I was showering (in regards to my comment)  The reason to this screenshot is his line that I personally think is very intriguing to read.  "Ok well but I don't want almonds to sell to you anymore"  

     

    https://gyazo.com/8d4345a21f423df0c4bf686a44e92e82 - His last words to me seriously just made me shake my head.  That was a move out of pure desperation in my eyes, and a really poor word use to a stranger.  I guess now after my acusations, he thinks we're friends, and even further, thinks its okay to say he loves me.  Gross.

     

     

    Today, I can happily say, I only own 1 compromised account, as I've taken Antonio's accounts out of my farm, and solved my account security issue. (the one is already with an email set)  It is sad to see this is the issue, as he is a huge account seller throughout many forums, and this is just a dissapointing find that cost me ALOT of accounts and a decent amount of GP loss.

     

     

     

     

     

     

    If I recieve any issues with my personal accounts/Accounts supplied from Romfan, months ago.  I will retract my dispute and consider it a VPS problem , however, these are unmanaged VPSes which I control, I've talked to my supplier as well, and went as far as changing the passwords, ports, rebuilding the whole goddamn thing.  The issues still resided with the Arcus123 passworded accounts.  My skype is not even my personal email, and has no link to RuneScape botting, or to my skype.  The password was an old password non-linked to other passwords of my personal variety (which I use for botting).  if my skype is the issue, I should arrive the same issue from future account sales.  as up to now, I blame Antonio Kala 100% for what's happening.

    Edited by oh_my_goth
    Link to comment
    Share on other sites

    Okay so I'm gonna go ahead and assume at tl;dr of this is that you bought accounts from Antonio, put membership on them, and then they got recovered.

    For the rest of my questions, I'm just going to ask for clarification and a simple tl;dr so that nobody has to read through this thread.

    Did he say these accounts were aged at all? If they were fresh it's possible they were just locked because that's what happens when fresh accounts change locations by a large distance.

    Did he say he'd recover them for you and give you access back? (assuming he didn't recover them, and they just got locked)

    I will ask Antonio to respond to this thread as well.

    Link to comment
    Share on other sites

    Okay so I'm gonna go ahead and assume at tl;dr of this is that you bought accounts from Antonio, put membership on them, and then they got recovered.

    For the rest of my questions, I'm just going to ask for clarification and a simple tl;dr so that nobody has to read through this thread.

    Did he say these accounts were aged at all? If they were fresh it's possible they were just locked because that's what happens when fresh accounts change locations by a large distance.

    Did he say he'd recover them for you and give you access back? (assuming he didn't recover them, and they just got locked)

    I will ask Antonio to respond to this thread as well.

     

    Yes, his accounts were aged, furthermore, as a botter, I don't use them right away after a buy.  I wait anywhere from days to weeks before using most of the accounts (I had over 100 accounts prior to the last sale, which I still have access to and unused)

     

    The accounts in question are 1 month + aged.  The newer ones probably a week to 2.  Changing the password resolved the issue and I recieved no further issues with the accounts.  Any account he stocked that runs in f2p is completely safe as the target is p2p.

     

     

    No.  These accounts are lvl 3.  It'd be very hard to recover them without any info.  The accounts were sold to me without an email.  After p2p, some recieved an email registered similar (but not always exact) to the login email out of thin air.  These accounts were not locked, they had their password changed.  Adding the accounts in-game resulted in a name change, such as 'Dragon punch'.

    Link to comment
    Share on other sites

    I did not hack his bonded accounts.

    I'm really sad that his accounts got hacked, and I wish that wasn't the case but it wasn't me.

     

    I have no interest in hacking accounts, my profit comes from selling them.

     

    The accounts all come without emails linked to them, and the login email is not real. The user is free to register an email and change the password.

     

    The users, skype, vps, pc could be compromised, account could have been deleted as it was botting or he could be trying to get free money off of me.

     

    I Have sold over 5k accounts here on dreambot and my feedback can show that for me.

     

    I have over 200 offsite feedback as well as lifetime-sponsor that I would not risk, if the mods would like to see it. 

     

    I would not risk all my reputation and future account sales to hack a few bonded accounts.

    Link to comment
    Share on other sites

     

    I did not hack his bonded accounts.
    I'm really sad that his accounts got hacked, and I wish that wasn't the case but it wasn't me.
     
    I have no interest in hacking accounts, my profit comes from selling them.
     
    The accounts all come without emails linked to them, and the login email is not real. The user is free to register an email and change the password.
     
    The users, skype, vps, pc could be compromised, account could have been deleted as it was botting or he could be trying to get free money off of me.
     
    I Have sold over 5k accounts here on dreambot and my feedback can show that for me.
     
    I have over 200 offsite feedback as well as lifetime-sponsor that I would not risk, if the mods would like to see it. 
     
    I would not risk all my reputation and future account sales to hack a few bonded accounts.

     

    I've had other skype account sales , including recently with Almonds, where I bought 3s you sold to him.  (after this security issue started happening)  These are running great.

     

    My VPSes are unmanaged - there's no 3rd party involved in my VPSes, I also talked to my provider about this, and after some discussions, they confirmed the issue was not with the VPS.  I rebuilt everything from scratch - I still had this issue with your accounts only.  Every other account ran fine on every other VPS.

     

    I'm not asking for money.  Never have I asked you for a single cent.

     

    It's not 'just a few bonded accounts' as you refer to, there was a much larger scale of item/gold removing & password changing.

     

    Yes.  I am sad as well, I did not expect to be singled out, precisely by someone so 'trusted' on 'offsite forums'.  I expected more professionalism from your part, but it is what it is.  Taught me how important security is, at least.

    Link to comment
    Share on other sites

    Just incase someone is sniping these accounts by seeing display names in game (because its a little obvious which accounts are antonio's), you should name change all bonded accounts.

    Link to comment
    Share on other sites

    Okay so after some deliberation among staff, we've come to a few conclusions.

    There's not really enough concrete evidence for us to make a clear decision on who is at fault.

     

    What we have figured out is that the overall security of the process is pretty low.

    The buyer is partially at fault for not changing the passwords after purchasing them, which should always be done regardless of what you're buying.

    The seller is partially at fault because he made blocks of accounts with the same passwords.

     

    The delivery of the accounts also seems to lack security, as when the accounts are delivered via Skype or Discord, Antonio leaves the message containing all of the account details there forever.

     

    This means that if the buyer was compromised, so are his accounts.

    If Antonio was compromised, so are all of his accounts.

     

    Antonio also delivers accounts through pastebin when it's a large amount of them, which is how he sells them to Almonds. This pastebin expires after an hour, meaning there's a very small window for that information to be seen and gathered by an unwanted 3rd party.

    Since these accounts were not "hacked" when sold by Almonds to goth, it leads me to believe it's simply the method of delivery that is causing issues.

     

    Regardless, there are too many possibilities for us to know anything specific, and it'd be too easy for a buyer of these accounts to make it look like they were hacked back.

     

    My solution I will say here is that I believe Antonio needs to take some responsibility and change the way he's operating his business. This does not mean he needs to refund in any way.

    He should probably not deliver accounts through pastebin, as the pastes *are* public (even if unlisted) and searchable for that 1 hour. Instead he should do one of the private paste sites, or send them via email if possible.

    When delivering through Skype or Discord, he should delete the messages containing the information as soon as the account delivery is acknowledged as complete (they copy/pasted them to their own location) by the buyer.

    He should also probably try to limit the block size of accounts that have the same passwords. I'm unsure as of now how much of an impact that would actually make, as the 3rd party would still need the emails even if he knew the password to one of the accounts.

     

    As for the buyer, the buyer should always be aware that this information is recognized as "shared" the moment two people know about it. If you're running a farm with accounts, or you're putting any kind of wealth on your accounts, you should ALWAYS change the passwords, and register an email to the account in the process.

    Link to comment
    Share on other sites

    Okay so after some deliberation among staff, we've come to a few conclusions.

    There's not really enough concrete evidence for us to make a clear decision on who is at fault.

     

    What we have figured out is that the overall security of the process is pretty low.

    The buyer is partially at fault for not changing the passwords after purchasing them, which should always be done regardless of what you're buying.

    The seller is partially at fault because he made blocks of accounts with the same passwords.

     

    The delivery of the accounts also seems to lack security, as when the accounts are delivered via Skype or Discord, Antonio leaves the message containing all of the account details there forever.

     

    This means that if the buyer was compromised, so are his accounts.

    If Antonio was compromised, so are all of his accounts.

     

    Antonio also delivers accounts through pastebin when it's a large amount of them, which is how he sells them to Almonds. This pastebin expires after an hour, meaning there's a very small window for that information to be seen and gathered by an unwanted 3rd party.

    Since these accounts were not "hacked" when sold by Almonds to goth, it leads me to believe it's simply the method of delivery that is causing issues.

     

    Regardless, there are too many possibilities for us to know anything specific, and it'd be too easy for a buyer of these accounts to make it look like they were hacked back.

     

    My solution I will say here is that I believe Antonio needs to take some responsibility and change the way he's operating his business. This does not mean he needs to refund in any way.

    He should probably not deliver accounts through pastebin, as the pastes *are* public (even if unlisted) and searchable for that 1 hour. Instead he should do one of the private paste sites, or send them via email if possible.

    When delivering through Skype or Discord, he should delete the messages containing the information as soon as the account delivery is acknowledged as complete (they copy/pasted them to their own location) by the buyer.

    He should also probably try to limit the block size of accounts that have the same passwords. I'm unsure as of now how much of an impact that would actually make, as the 3rd party would still need the emails even if he knew the password to one of the accounts.

     

    As for the buyer, the buyer should always be aware that this information is recognized as "shared" the moment two people know about it. If you're running a farm with accounts, or you're putting any kind of wealth on your accounts, you should ALWAYS change the passwords, and register an email to the account in the process.

    Assuming there's no malice here, the most probable explanation points to weak security measures.

     

    Identical passwords are used for large batches of accounts, and among multiple buyers, it's very common for them to be given the same passwords.

     

    In regard to your comment about needing to know the username, it's not applicable here. The usernames for these accounts sold by Antonio are simply username + @ domain name (either Google or Yahoo). So not only are the passwords reused among multiple customers, but the login name is visible to anyone. It's a serious vulnerability that could have been exploited by anyone willing to scrape names from common botting locations.

    Link to comment
    Share on other sites

    Just incase someone is sniping these accounts by seeing display names in game (because its a little obvious which accounts are antonio's), you should name change all bonded accounts.

    Great advice, except it doesn't come close to what happened to me.  I was an individual, large target.  Antonio has sold thousands of accounts as he himself stated.  Specifically here on DreamBot.  If this was the case, why is it that only my accounts, and today, a few of another user's were targetted?  Furthermore, there is absolutely no way for the other person to know the login information.  You'd have to know the login, to know what in-game rsn to search.  What you're saying is done backwards and is pretty much impossible to know which accounts are Antonio's.  You don't just log onto runescape, see a lvl 3 named "376FireStorm" and say "oh, that's Antonios, let me add @gmail.com and the password is the same"   

     

     

     

     

    Okay so after some deliberation among staff, we've come to a few conclusions.

    There's not really enough concrete evidence for us to make a clear decision on who is at fault.

     

    What we have figured out is that the overall security of the process is pretty low.

    The buyer is partially at fault for not changing the passwords after purchasing them, which should always be done regardless of what you're buying.

    The seller is partially at fault because he made blocks of accounts with the same passwords.

     

    The delivery of the accounts also seems to lack security, as when the accounts are delivered via Skype or Discord, Antonio leaves the message containing all of the account details there forever.

     

    This means that if the buyer was compromised, so are his accounts.

    If Antonio was compromised, so are all of his accounts.

     

    Antonio also delivers accounts through pastebin when it's a large amount of them, which is how he sells them to Almonds. This pastebin expires after an hour, meaning there's a very small window for that information to be seen and gathered by an unwanted 3rd party.

    Since these accounts were not "hacked" when sold by Almonds to goth, it leads me to believe it's simply the method of delivery that is causing issues.

     

    Regardless, there are too many possibilities for us to know anything specific, and it'd be too easy for a buyer of these accounts to make it look like they were hacked back.

     

    My solution I will say here is that I believe Antonio needs to take some responsibility and change the way he's operating his business. This does not mean he needs to refund in any way.

    He should probably not deliver accounts through pastebin, as the pastes *are* public (even if unlisted) and searchable for that 1 hour. Instead he should do one of the private paste sites, or send them via email if possible.

    When delivering through Skype or Discord, he should delete the messages containing the information as soon as the account delivery is acknowledged as complete (they copy/pasted them to their own location) by the buyer.

    He should also probably try to limit the block size of accounts that have the same passwords. I'm unsure as of now how much of an impact that would actually make, as the 3rd party would still need the emails even if he knew the password to one of the accounts.

     

    As for the buyer, the buyer should always be aware that this information is recognized as "shared" the moment two people know about it. If you're running a farm with accounts, or you're putting any kind of wealth on your accounts, you should ALWAYS change the passwords, and register an email to the account in the process.

     

    The reason I bought Almonds accounts was to have a controlled variable.  A list of accounts Antionio had no way of knowing I owned, so if he targetted all of Almond's accounts, multiple users would arise with problems, as a friend of mine happened to buy some accounts from Almond out of coincidence, so I could've easily compared notes if it had gone down to it.

     

    Incorrect conclusion.  Almond supplied to ME the accounts Antonio supplied to HIM, via the same method antonio supplied his accounts to ME.  Skype convo.  No offsite links to any pastebin of sorts.

     

    The 'proof' I'm presenting is, my accounts I recieved are 100% Antonio Kala's. 

    He gave me the information via Skype - his accounts.  - Compromised.  Directly from Antonio to me.

    Almond gave me the accounts via copy & paste of a skype conversation, exactly as Antonio Kala did.

    Antonios are compromised, Almonds aren't.  They're from the same original user, and shared the same way.

     

     

    You're saying my skype could've been compromised, if this is the case, it does NOT explain why Almond's didn't recieve the security breach if it was from the same original seller, and given via the same circumstances to me (Skype chat).  At the moment of the 'infection' so to speak, I was the only one.  Another user just came to light with the same issue as me, with the same buyer.  Giving the scammer a light spanking was not what I had in mind when I took it upon myself to spend over 2 hours creating a thread against someone that's hurting the DreamBot community.  

     

    The accounts are from the same buyer, I can prove screenshots of him admitting to this via Skype.  I can also show the sharing format Almond used to give me the account information - which is the same format (normal skype chat) that Antonio gave me which is what you're blaming for my security breach.  If it was infact skype , I would've recieved the SAME issue with Almond's accounts. 

     

    [edited by Nezz for double post]

    Edited by Nezz
    Link to comment
    Share on other sites

    I mean I don't think we're going to have Antonio refund anything.

    He's not going to be banned.

    You're free to leave him a negative feedback, but I think that's as far as the "punishment" for this dispute is going to go.

     

    When I said he sent them via pastebin, I meant Antonio sent the account information to Almonds via pastebin.

    And Almonds sent it to you with Skype.

     

    I'm going to close the dispute, I think the issue itself is resolved. The security of the transactions is low, and that is going to be rectified.

    Clearly if this happens again with better security, then there will be more issues to deal with.

    Link to comment
    Share on other sites

    Guest
    This topic is now closed to further replies.
     Share

    ×
    ×
    • Create New...

    Important Information

    We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.