Post
Topic
Board Pools (Altcoins)
Re: [ANN][Profit-switching scrypt+ASIC Pool] multipool.us
by detro on 30/01/2014, 17:46:56 UTC
I have been a security analyst for the past decade and crypto mining botnets are really all over the place these days. I find it highly likely with speeds like that, with that much fluctuation, this is very likely a botnet. Many CryptoCoin Mining malware and botnets have moved away from BTC and towards scrypt mining alt coins and more recently CPU PoW generated coins like XPM, ProtoShares and basically anything with a high value in BTC. It's a lot less noticeable to have 10 thousand or more machines using their CPUs for scrypt mining coins like DOGE or CPU mining other non-scrypt coins compared to the GPU based BTC miners found in some of the older bots (not to mention when spreading GPU mining botnets the infection campaigns need to target a specific user base, typically gamers with top of the line GFX cards). I really wish there was an easy way to fight these botnets, but alas not many pool operators seem to care, and those whom I have worked with to block the botnets usually felt the repercussions afterwards with DDoS attempts.

If anyone out there in the security field has any ideas or is working on any projects for detecting botnets compared to miners who are actually utilizing equipment they own I would love to hear about it.

Did anyone notice the top miner in Doge stats of multipool.us?
The user name shows up as rwisozk.

Yesterday he was mining at 825,000 KH/s and today jumped to 1,250,000 KH/s (now it dropped to 979,901 KH/s).
That's crazy, he needs to invest about $1,000,000 in equipment to mine at those rates or it is a botnet or something.

His hash rates are equal to next top 10 users combined. I think it is just increasing the difficulty for all the rest of the miners.

At the very least it should be investigated and made sure it's a legit operation.


much love
detro

P.S. Also much love to multipool <3. Let me know if you are interested in detecting botnets hitting your pool, as I recently found the URL for your pool posted in a thread on a Russian Botnet Forum as a "safe places to mine".