Well the dc said that they have a script that puts up the ip aliases, and that script does the unset ... but as far as i know, any shell script if you run it in a shell, you will get logged the initial command that you did to run the script, not the individual commands the script does like ...
./script and the script has several commands in it, the .history or .bash_history will only show ./script as logged command, and not the individual commands that i have listed in the script.
as for the rest ... they are looking into it. (they found nothing so far. i asked them to investigate who logged in at that time, and who owns the other server the reverse shell was supposed to connect to.) it's a pretty fun story heh ? I guess i have to say thanks to my background - i come from shell hosting - had to deal with all kinds of kiddies, exploits, hack attempts
thanks for liking our pricing
try it out, and see if you like it even more