-----BEGIN PGP SIGNED MESSAGE-----
We're currently under what is called a DNS hijacking attack just past midnight Las Vegas time 2014-02-26. This is where the attacker tries to hijack all traffic going to the sealswithclubs.eu domain to redirect to his server, thus putting himself in the middle of all communications. He'll likely be using this to gather user credentials to compromise the account at a later time.
If you're using the browser, you will see an invalid certificate message if you're susceptible to this attack. It is critical you do not proceed after seeing this message. It'd be best to just wait it out. For an example of these messages on common browsers, you can see the image here: http://i.imgur.com/4dTNmhr.png
If you're using the Desktop Client, be certain you're using the newest v0.2.18 version which can be found at https://sealswithclubs.eu/pc-client/
. The newest version will refuse to communicate with the bad guy's server, which will protect your credentials. However, this may temporarily prevent you from using our site. Again, it's best you just wait it out. If you want to try to fix the issue on your end, make sure you following the install instructions for the client carefully:
> Please follow these install instructions carefully to prevent any issues:
> 1. Remove any copy of the old client by deleting its folder.
> 2. Download the extracting archive below.
> 3. Find where you have downloaded the file to.
> 4. Double-click the file from the download location. On Windows, a black
> console window will pop up while it extracts the client. On Mac/Linux,
> extract the file using the archive tool.
> 5. When step 4 is finished, you may see a swc_client folder in the same place
> you ran the downloaded file from. If so, open that folder.
> 6. You’ll see a swc_client program with an icon of a seal. Double-click that to
> run the client. Do not move that program out of its home folder or it may not
> be able to communicate with the server properly.
DO NOT use the Android client until a new update is pushed. It is the most suceptible client out of all three to fall for the attack without warning.
If you worry that you have been compromised, you can e-mail firstname.lastname@example.org
specifically stating your account name and that you'd like to have the account temporarily locked. As long as your e-mail matches your account, we will fulfill you request. As soon as it is safe, we will e-mail you back when we've unlocked the account again for you.
- - X @ SealsWithClubs
GPG/PGP Pub Key: http://pastebin.com/raw.php?i=1Rse0Xzt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (MingW32)
-----END PGP SIGNATURE-----