Have you traced the connections coming from your miners and seen them going anywhere else than what is expected??? PM me if you are unsure how to do this, I would be glad to help.
Interesting theory, but let's put forth some concrete evidence before making accusations.
To my knowledge I have not yet been unfortunate enough to have had my hash rate redirected - this is because I use p2pool & my operation is entirely "in-house", so I am able to monitor 24/7, but I can't be sure that I
haven't been a victim as my S2's are still using the unpatched cgminer version - thanks to Bitmain. The stratum redirect issue mainly affects normal, centralized pool users, a few of the latest examples:
https://bitcointalksearch.org/topic/m.9126676https://bitcointalk.org/index.php?topic=518205.380It is a known issue, not a theory, which is why all miner devs added a patch to their software when it was discovered. There is plenty of "concrete evidence" of this type of attack, a simple google search or scan of this forum will reveal your results. The simple fact is, Bitmain is the
only hardware manufacturer that insists on using this older version of cgminer, in full knowledge of the redirect security flaw, whereas
all other manufacturers applied the updated cgminer version to their hardware many months ago. Think about it - why would they do that? They even put it in their new S3's & S4's when they first came out.....2 months after promising everyone they wouldn't.
If Bitmain had done what the community asked & what they themselves promised, they would not find themselves in the position of "prime suspects", and
nobody would have to worry about this issue - it is entirely their fault.
Why would any hardware manufacturer
not want to ensure their software was secure?