It is unknown how many other pools they’ve executed this attack against. While withholding attacks are detectable, they are not possible to prevent: the risk of block withholding is inherent in how Bitcoin pooling works. Since the attacker does not gain any direct benefit by performing the attack it is usually assumed to not be a serious risk. A withholding attacker can’t profit, except through indirect effects like making a pool look less “lucky” and driving miners to other pools.
My guess is that they never expected to get caught and suffer income loss as a result of their attack. But, once they were caught, I put a filter in place to block them from the payout queue (similar to the block on known MtGox addresses). Eligius’s offline wallet now has roughly 200 BTC work credits held from the payout queue under the attacker's addresses, that we have stopped them from stealing.
Nice catch first of all. I appreciate the due diligence.
I have what may be a stupid question(who knows).
You say there is no way the attacker can profit, but I was wondering by withholding are they possibly withholding shares of a certain difficulty range and mining at several pools with difficulty ranges for each to look like they are mining at each pool to get credit for their hash rate at each pool?
I don't even know if this is possible and I've been drinking a little, but it came to me while reading your post....
Anyway again nice catch.....