It seems a rather unpleasant person has gained access to a key email account, which in turn has allowed them to compromise the DayZ server network. Anyone who provided login credentials to the DayZ team should consider those credentials compromised. Likewise, a trojan was placed on the US mirror as dayz_auto_updater.exe, and this will have installed back-doors on systems that executed it.
Server admins, get someone to make coffee, because you’ve got a fair bit of work to do to see if you’re safe, or to fix things if you’re not. DayZ forum users, your forum passwords have been leaked. Change them.
The forum compromise apparently led to the original security notice being deleted.
Admins of Arma 2 servers of all stripes may wish to block the guid of the perpetrator (e812801aa33603d69643eff110880ec9). The DayZ team is apparently looking into options for legal action – particularly as the identity and location of the perpetrator appears to be known. If you, yourself, know the identity of the perpetrator, you should avoid widespread publication of that information, as it might hamper upcoming criminal or civil legal actions.
[Via DayZ forums]