@Toor
I have some technical questions about the time of compromise and others if you're interested:
1. How did a social engineering attack result in multiple people that were not collaborating with each other(?) all gain root access to all of the US servers?
2. Did you use any type of proxy (generic proxy, VPN, Tor, etc) to connect back then?
3. Were there any other interesting files on the compromised servers, and did you either copy those files or take a deep and long look at any of them?
4. If I may ask, how did you run pvp-e and non-pvp versions of realots? (using the format detailed in .tibia~ results in errors)
5. Did you ever, at any point, struggle with "100% CPU server freezing"-bugs alleged in this thread to exist, and was there a solution? (I can, after all, not remember rollbacks happening on realots other than in DDoS times)