Did you not see the answer from PhoenixMiner ?
It isn't a pool problem. This type of attack will continue at random as long as miners don't use the secure ssl connections.

From PhoenixMiner:
You have fallen victim of the MITM scamers (so called IP hijack attack). The IP address of the ethermine server was hijacked by hackers (this happens in your ISP, so it is not your rig's fault but the result is still the same. You can see the telltale sign of the 10000 MH difficulty, which is never used by ethermine (their jobs are always with 4000MH difficulty). Fortunately, there is quick and easy fix the prevent similar problems in the future: use the encrypted (SSL) address of ethermine like this: -pool ssl://eu1.ethermine.org:5555. Note that the address starts with ssl:// and the port is 5555.