I have a Moniker account with one domain and the access log shows an access on Sep 26 from 88.150.178.59 as well. The email I got yesterday with PLAINTEXT passwords was extremely strange and prompted me to start shopping around for another domain provider, this just makes me want to get it done today.
I too have this IP in my account login history. As well as others since July from other places globally.
This appears it was not brute force attempts, as the log would show failed login attempts. They just logged right in, first try. Sounds like a web site vulnerability.
If you are moving domains to a different registrar try Gandi. I have no affiliation with them except as a happy customer.
They also support two-factor authentication and delegation of limited permissions to other Gandi accounts. For example, if I'm doing a website for a client I have them purchase from or transfer the domain to Gandi, then delegate only technical rights to me for administering their DNS.
This all helps with account security, or damage control for when things go wrong.
These guys. Sigh. 88.150 logged right into my account and the account rep told me that they had no limit to how many times someone can try and get in. It has since been fixed. Also sending user names and passwords in plain text... c'mon man! Moniker is in the midst of transitioning to new software since acquisition and the renewals are faulty and security is lacking. Time to move on.
If Moniker's customer service is any indication of the way their operations are managed, this doesn't surprise me at all.
The company was an absolute nightmare to deal with when I was a customer. Three years in a row they caused me enormous grief just trying to renew a .io domain. For example, shutting it down and throwing away DNS records roughly two weeks before the actual expiration with no warning. Their communication about the special rules and requirements for .io was just horribly inconsistent. At one point I had to complain to BBB just to get a response. Took well over a week to get my email for that domain working again! And they held the fix hostage demanding a ridiculous amount of money to bother making it right.
Hopefully the new CEO has been able to get this kind of bs under control, but in the mean time I moved all my domains to namecheap.com and now gandi.net and it's been perfectly smooth sailing.
Moniker should win an award for how obnoxiously user hostile their site is and how completely ineffective their support channel is. It's like they went out of their way to make it impossible to use, that their express business goal was going out of business as rapidly as possible.
I had some luck dealing with Moniker over Twitter, but their email and site form options produced nothing. It's absurd that you have to bitch about how bad a company is in a tweet to get a response.
Just requested my moniker.com password and they just went ahead and emailed it to me in plain text without any sort of authenticating. Great security features.
I also see the IP 88.150.178.59 in my logs. No missing names that I can see.
Domain xfer should be completely traceable and reversible. Love to heard the follow on stories on this.