I've come up with a form of domain hijacking that it somewhat different than the "normal" type. Here's how it works:
- Joe Chump registers a nice domain, let's say nicedomain.com
- He adds some NS records for the name servers of a host he's found: ns1.somehost.com, ns2.somehost.com
- He then - does nothing more. The domain is active and pointing to a host, but the host doesn't "know" about it.
That's when I come along. Who.is has a nice tool that can tell you all the domains that are pointed to a given registrar (the data is cached from when people look up their domains, it obviously can't actually tell every domain that's pointed to a name server). For instance, here's the page for DreamHost. I can go through that list and go to each of those domain names and see if the host has "recognized" them and created hosting accounts. If not, I can get access to that domain by opening a hosting account with that host using that domain. Now I have a domain I didn't pay for.
Anyway, I say all this because I got access to the domain dontforget.com with this method by opening a two-week trial account with DreamHost, where the domain is currently pointing. I find it very odd, though, that a (very good) domain that's been registered for 14.5 years is just aimlessly pointing at that host, waiting for it to happen.
So, I guess all this to say: am I on to something new/interesting? Or is this something folks have been doing for a while?