Recently there was an Email posted all over the web about DayZ servers being hacked and turned into a Botnet. Here is the actual information about it from the "horse's mouth" rocket (mod creator) as he posted it at the Dayzmod forum:http://www.dayzmod.com/forum/showthread.php?tid=9606
About the Security Issues
The Google Groups message Tonic sent out wasn't in possession of all the facts, and was very poorly written. Tonic has apologized to me for this. He is under an extreme amount of pressure. He is not compensated for what is pretty much a fulltime job under high stress. Mistakes happen. To his credit, his only mistake was a PR one and he avoided any serious harm occurring.
I would like to reiterate, that posts/emails from anyone except for me do not represent the official point of view of the project. Also, that google group is not an official group of the DayZ Dev team, and I am not a member of that group.
Fact: One of our Artist's PC's was hacked by a person known to him.
Fact: The hacker used the Artist's password to attack the forum's.
Fact: This was detected almost immediately, initially it was thought that this person was in fact the artist themselves.
Fact: DayZ has RDP/Admin access to less than 15% percent of the servers hosting DayZ.
Fact: The forums were vandalized, and this was detected and rolled back immediately.
Fact: A staff member, in a rush to inform everyone, was misinformed and overreacted resulting in the infamous google groups message.
Why does this happen?
Please remember that I cannot do everything myself, as such an army of volunteers help. Tonic is under an extremely large amount of pressure and is required to devote a large amount of time to dealing with increased security threats. Nobody can be expected to get everything right every time.
Also, take what you read in the game media with a grain of salt, my experience thus far is that I am quite often misquoted and sometimes I have quite a giggle at what ends up appearing.
I have listed the facts above, anything else should be evaluated carefully, not everything you read on the internet is correct and with the amount of misquotes attributed to me after/during E3 I would treat many of even "reputable" gaming media servers with a degree of caution.
Are we taking security seriously
Well, did Sony take security seriously? The FBI? People get hacked, it happens. I think we do a pretty good job considering about one month ago we had less than ten servers. We are also at pains not to store personal data, the only data we store is the forum data you supply (such as your email). So the worst that can happen, is that all DayZ data is wiped.
The DayZ team has been stepping away from administering the servers ourselves for the last three weeks, as we simply cannot cope with the volume of server requests and setting them up. Hence, we only have direct access to less than 15% of total servers. So any claims that anything being compromised would allow the rise of us wielding a network that could be a "giant botnet" are incorrect and misinformed.