Thursday, 25 January 2024

Review of Hostmonster Hosting and Domain Purchasing

I have a strange problem. 

My hostmonster account was compromised and 25 domain names were bought between Dec 31 and Jan 17. The billing amount varied from 14.15 to 70.75 USD. 

Different credit cards were used for each purchase. 

I got no email notification for ANY of these purchases and no receipts were emailed to me. 

I accidently found out when one of the credit card holders noticed a fraudulent charge and raised a dispute and got a chargeback. My hosting account was suspended and i could not access it because of the chargeback. I was surprised because no renewal was due on any of my products and no chargeback had been initiated by me. 

Hostmonster completely refused to do any analysis on how the emails were missed and instead mentioned that maybe my basic email id itself was compromised. EVEN IF that were so, it would be impossible to miss so many emails. All the same, I changed the password and took other security measures. 

Now, some weeks ago, my core site - kidsnews.top itself was compromised. We found out that the cpanel password was changed and that is how the hacker took control of our sites. The hostmonster support team helped us reset the cpanel password and also told us how to restore our website. 

However, they did no forensics to understand how the cpanel password was changed. 

Yesterday, when I tried to change my Cpanel password again, I realised that the CPanel password is not what I had set last time. When I tried to reset password, the email did not come. 

I confirmed the email id AND that I am supposed to get an email when the password changes (screenshot below). 

I am now able to access CPanel from the hosting main login. 

The issues are: 

A. Each transaction of 70 USD was done on a different credit card, but hostmonster is not able to explain why no email came to me OR cancel the credit card transactions OR even share the credit card numbers that were used. 

B. No idea how the CPanel password was changed with no notification to me. 

C. I asked for ip addresses of logins to my account and that was also not available. 

At this point, I am ok to shut down the entire hosting account and delete ALL our websites on Hostmonster. I also want to ensure that the credit card transactions that were fraudulently done are reversed and i m not listed as the owner of these domain names on the ICANN Registry. 

Can you please help? 


 






at
Labels:

No comments:

Post a Comment

Please share thoughts

Subscribe to: Post Comments (Atom)