Attack has nothing to do with DNS. So no...
Now that I think about it a bit more, of course it wouldn't. Thanks Lucko.
Now, doing such an attact is easy: packets are transmitted somewhat randomly over Internet. An attacker might monitor packets passing trough his node, and detect those who look like stratum packets, and trivially know the IP of the server, the miner and the port number of each.
How widespread is this attack, how many users have been affected so far? Are other pools experiencing the same problem, or just Eligius? If its just Eligius, it could be because an attacker, having discovered the originating IP address and public key ( wallet address ) from intercepting packets that pass through their node, can then go to the users pool stats page and see what their average hashrate is without the need of any authentication ***.
If this is the case, and its just a guess, along with encrypting the connections between miners and servers, the stats feature might need to have authentication added to it as well?
*** assuming that the attacker would be doing this because it would not be worth their time to do a sequencing attack on a user with a low hashrate