Email about security Breach

[novaseline 3]

Anybody else get a email about a dayz security breach? I believe what I received in email, is phishing.

For it contains many grammar errors. Then use of common words, versus educated words.

I don't follow links in email, unless i create them anyway. Then my password for this forum. Is a bullshit one for this forum anyway.

But I'd like to know. How did they email me? is my email broadcasted on my account for these forums?

Or was this indeed a real email?

---

This is that email

-----------------------------

Hello,

A security breach has sadly happened to DayZ, we are sending out a mass email to notify users who currently do not know.

To stay informed please refer to:

http://dayzmod.com/forum/showthread.php?tid=9123

A short summary:

Our forum database has been comprised and users are urged to change their passwords.

This is a good time to inform users to do good password practices, if you are not tech-savvy with today's modern age there are various different articles on practicing safe passwords and so fourth, below will contain a link that users should read to keep secure passwords so when security breaches like this happens you are not effected on a personal way. If you are contacted by a person claiming to be with the DayZ Dev team and they ask you for any personal information do not respond to this person and block them from contacting you. DayZ Dev Team will not ask you for any personal information or passwords.

https://itservices.uchicago.edu/page/good-password-practices

Also along with this database security breach our us.armafiles.info mirror (US Mirror) was also comprised and the attacker tried to spread a malicious application to infect users, if you downloaded an application called 'dayz_auto_updater.exe' from early this morning US Eastern time 6-8am on the date 6/9/2012 you should scan your computer for viruses and check your Appdata folder for .exe's containing the file names:

D3D8THK.exe

VSCover.exe

An extensive report by ThreatExpert can explain how to locate these malicious applications:

http://www.threatexpert.com/report.aspx?md5=ead7a55075d5ce1a32353832bed88069

And lastly for server hosts who have provided DayZ with RDP details for their servers are to quickly react on this and to change the RDP's account password and scan your server for any of the malicious software above as your servers integrity is comprised. Please do not contact DayZ Dev Team with new RDP Details, DayZ is no longer requesting RDP details for servers after this breach and hosts will be required to maintain their servers on their own. If a server host is contacted by anyone claiming to be with the DayZ Dev Team and are asking for server RDP details do not reply to this person and block them from getting in touch with you. DayZ Dev Team will not ask you for RDP details.

We cannot express how deeply sorry we are that this happened and are correcting our mistakes where we have went wrong so such a breach never happens again.

With kind regards,

Tonic

DayZ Dev Team

---

Notice all the run on sentences. Bad use of words, for an official email.

Im no English teacher by a long shot. But either is Phishing. Or this guy should not, write anymore official emails :P

[boneboys 7988]

Follow the links given and you will see why you were sent this mail.

[Slyguy65 499]

well uh all my emails from dayz go to spam for some reason anyway but i dont have an email like that....ddi you even click the dayz mod link? that seems legit at least.

[4L4N 276]

Just Checked. I got the Email too. dated Monday, 11 June 2012, 14:25

I think it's a real one. I have seen the majority of that text before on another site when tonic was explaining about the threat expert link and which files to check for in appdata.

Grammer aside , if English is not Tonics native language then he did a pretty good job anyway.

[ihax 16]

Couldn't be phishing anyways cause its not trying to point you to a bogus website asking you to log in or something.

But yeah it is a real email from the forums.

[liquidje 38]

Yes it is legitimate, that's why there is gaping hole for the beginning of June when you check back for posts. Also, phishing is for acquiring login details, which is not asked for here. I don't share your opinion that it looks fake, as most phishing stuff generally looks like shit.

Still, wise of you to check it. Check the announcements forum for a thread about the hack.

[fackstah 31]

phising email LOL tell me what would somone even get from DayZ they dont have any personal information held in any of theyre db's so what could they be trying to verify etc as a scam artist ?

fyi this is the term for phising so you dont get confused again :P

Phishing is attempting to acquire information (and sometimes, indirectly, money) such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail spoofing or instant messaging,[1] and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users,[2] and exploits the poor usability of current web security technologies.[3] Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

[dranzerk 0]

Guess it went to people who used a real email address. heh

[fackstah 31]

Guess it went to people who used a real email address. heh

or those who use forwarder's ;)

i dont think i have used my real email on the net for the last 6 years i own 4 domains so i just reroute stuff to my main with forwarders so i dont have to expose my main email :P

[cod3r 1]

maybe english is not Tonic's native language.

[salty (DayZ) 39]

maybe english is not Tonic's native language.

Tonic speaks 'merican.