Is Storm Client safe to use?

No, Storm Client is not safe. It contains malicious Allure plugins that steal user credentials, Discord information, and game data. The decompiled code shows explicit credential theft methods.

What data does Storm Client steal?

Storm Client steals RuneScape usernames, passwords, session tokens, Discord user IDs, IP addresses, inventory data, equipment, game location, and all player activities.

What are safe alternatives to Storm Client?

Safe alternatives include RuneLite (open-source, community-verified), Official Jagex Client (guaranteed safe), and HDOS (officially approved with HD graphics).

How do I protect my RuneScape account?

Enable authenticator, use strong unique passwords, only use safe clients like RuneLite, monitor account activity, secure your email, and avoid suspicious links or downloads.

Back to Home

News & Updates

Storm Client Security News & Updates

Stay informed with the latest security news, malware discoveries, and protection updates related to Storm Client and OSRS account security.

Breaking: Critical Security Alert

Storm Client contains documented malware that steals user credentials and data. If you've used Storm Client, secure your account immediately.

Categories

All

Security Alert

Security Research

Official Statement

Community Report

Security Alert

Critical

Storm Client Developer Banned from Major OSRS Marketplaces

Following malware discovery, Burak (Allure developer) permanently banned from Sythe and other trading platforms

The Storm Client developer Burak has been permanently banned from major RuneScape marketplaces including Sythe and other OSRS trading platforms. This ban was a direct result of the security violations and credential theft discovered in the Allure plugins. The marketplace administrators took immediate action to protect their users from the malicious software.

2024-01-18

3 min read

Multiple OSRS Community Sources

Impact:

High - Affects all Storm Client users and marketplace security

Security Research

High

New Malware Variants Targeting OSRS Players Discovered

Security researchers identify additional malicious plugins beyond Storm Client Allure plugins

Security researchers have identified new malware variants targeting Old School RuneScape players. These malicious plugins use similar techniques to Storm Client's Allure plugins, including credential theft and data exfiltration. Players are advised to use only verified, safe clients like RuneLite.

2024-01-17

4 min read

Security Research Community

Impact:

Medium - New threat landscape for OSRS players

Official Statement

High

Jagex Issues Official Warning About Third-Party Clients

Official statement from Jagex regarding the risks of using unverified third-party clients

Jagex has issued an official warning about the risks of using unverified third-party clients. While they don't specifically name Storm Client, the warning comes in the wake of the malware discoveries. Jagex recommends using only officially approved clients and being cautious with any third-party software.

2024-01-16

2 min read

Jagex Official

Impact:

High - Official guidance from game developers

Security Audit

Low

RuneLite Security Audit Completed - No Issues Found

Independent security audit confirms RuneLite remains safe and free of malicious code

An independent security audit of RuneLite has been completed, confirming that the popular OSRS client remains completely safe and free of malicious code. The audit was conducted in response to concerns raised by the Storm Client malware discoveries.

2024-01-15

3 min read

Independent Security Firm

Impact:

Positive - Confirms RuneLite safety

Community Report

Critical

Community Reports 1000+ Compromised Accounts

OSRS community reports widespread account compromises linked to Storm Client usage

The OSRS community has reported over 1000 compromised accounts linked to Storm Client usage. These accounts show signs of credential theft, including missing items, unauthorized trades, and suspicious login activity. The scale of the compromise highlights the severity of the Storm Client security issues.

2024-01-14

5 min read

OSRS Community Forums

Impact:

Critical - Mass account compromise

Website Update

Medium

Storm Client Website Removes Security Claims

Storm Client website quietly removes anti-ban and security claims following malware discovery

The Storm Client website has quietly removed several security-related claims, including anti-ban protection promises, following the discovery of malicious code in their Allure plugins. This suggests awareness of the security issues within the development team.

2024-01-13

2 min read

Website Monitoring

Impact:

Medium - Indicates internal awareness of issues

Stay Updated

Get the latest security news and protection updates delivered to your inbox.

Complete Security Analysis Security FAQ Security Resources