It has been a hard week and a bit for the 50BTC mining pool. After it was first noticed that incorrect balances were showing for users on the 20th of this month and revelations that "Our billing server have been hacked, some parameters currently shown incorrectly. At this moment we are working hard to restore actual user balances. Please be patient it can take up to 24 hours.".
Now it seem that the recent DDOS that they have experienced my be connected as well as a possibility of an inside job in their own data centre. In an update today 50BTC go part way in explaining their difficulties and goes on to say that "50BTC is alive and will get back fast and stable as a hell in next few weeks." but it seems from their statement that anything is far from certain.
What is certain though is 50BTC's dramatic fall in hashrate from 105,492 GH/s on the 20th to a puny 6,977 GH/s today (one fifteenth of what it was just over a week ago) seems to be mostly due to 50BTC.com's reluctance to communicate with its frustrated customers.
The full update from 50BTC.com on Bitcointalk follows;-
After the attacks that we’ve experienced from August 2013 till the October we’ve lost user balances data and huge part of the funds. We still can not figure out the full list of vulnerabilities that have been used to perform the attack. One of the assumptions is physical unauthorised access to our servers which could take a place only if someone got an access to the hardware in datacenter.
Also we can’t rule out the possibility that someone found or create an exposure or backdoor in our billing software.
Currently we have few topics to deal with:
First thing that we’ve been able to figure out is that few fast miners have been cheating us using vulnerability in difficulty checking algorithm. This vulnerability is probably applicable to the other fair pools, so we will publish description in next few hours to help others avoid our fate. This difficulty fraud have led to the loss of the significant part of the funds.
Second thing is incessant DDOS attacks that started in early August and magically stopped in few days after billing was hacked (that seems to be the last stage of the attack).
Third thing is that we have weird jumping luck during August-September period which jumped from 40% to 120% daily and sharply increased hash rate of the few new users with abnormal large amount of stale shares.
Obviously this couldn’t be a regular coincidence and obviously this can’t be applied by one certain user. In general all of this only make sense if one or few competing pools decided to eliminate 50BTC for whatever reason. We are exploring all available data to figure out if some users was not real users but the proxied shares from the evilpool.
When miner formally connects to the evilpool it actually goes to the 50BTC through a proxy to get a job, and after that evilpool proxies all shares except of winning ones back to 50BTC. This could cause total bad luck that we’ve faced in a last few weeks.
But this is for sure not only things we will find in the next few days, before we will get the confidence that funds in pools wallets are safe. Only after that we will put additional funds and will enable payouts.
Still we are looking forward into the future with a hope and working damn hard rewriting our billing subsystem and moving our hardware to the another datacenter.
For all our users who believe in us and for all those bullshit fuckers who think that 50BTC is dead and already celebrating their victory, we have one main message:
50BTC is alive and will get back fast and stable as a hell in next few weeks.
Stay tuned 50BTC.com on Bitcointalk