Currently it looks like EpicThomas only was able to get a few accounts. Hopefully now people will be more vigilante with downloading new clients. But if there is no official client, or at least one endorsed by CFB how do we even know if the posted hash is the one for the client that isn't hacked. Who else can we trust?