by nickhalfasleep 1361 days ago
I encountered this: I had a cloud service that I had spun up services on, with some DNS records pointing to it, and then abandoned it. The IP address was then used by malware, but because my DNS pointed to it, my whole domain got blacklisted.
3 comments

This is risky for things other than malware blacklisting. For example, the attacker can get a certificate for your domain, and then they can access any HTTPONLY and/or SECURE cookies set at the registrable domain level and impersonate your users just by getting someone to visit their page.
This is a good point, to properly "offline" your old hostnames and IPs. I've seen many of these cases where stale DNS started pointing to $BAD_THING.
How exactly does this work? I had to request that one of my server's IP addresses be reverse mapped to the domain name. In that circumstance I could see "abandoning" that IP, and maybe it gets reused by someone I can't send a nasty letter to, but other than that, how would some subdomain on my domain pointing to an AWS IP I haven't used in a decade remotely trace back to me or my domain?

Maybe I am too tired and am missing some feature in whois or something.
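
An added example, not part of the thread: one way to find the stale records discussed above is to compare every name in your zone, following CNAME chains, against the addresses you still hold. The zone contents, the `OWNED` inventory, the `example.com.` origin and the function names are all assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample zone (documentation address ranges); not from the thread.
ZONE = """\
www      300 IN A     203.0.113.10
old-api  300 IN A     198.51.100.7   ; instance released long ago
shop     300 IN CNAME www
legacy   300 IN CNAME old-api
docs     300 IN CNAME docs.example-host.net.
"""
# Constructed inventory: addresses the account still holds today.
OWNED = {"203.0.113.10"}

def parse_zone(text, origin="example.com."):
    """Return {fqdn: (type, value)} for simple 'name ttl class type value' lines."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop zone-file comments
        if not line:
            continue
        name, _ttl, _cls, rtype, value = line.split()
        if not name.endswith("."):
            name = f"{name}.{origin}"
        if rtype == "CNAME" and not value.endswith("."):
            value = f"{value}.{origin}"        # relative target
        records[name.lower()] = (rtype, value.lower())
    return records

def audit(records, owned_ips):
    """Follow each name to its final A record; report names needing action."""
    owned = {ipaddress.ip_address(ip) for ip in owned_ips}
    findings = {}
    for name in records:
        target, seen = name, set()
        while target not in seen:
            seen.add(target)
            rtype, value = records.get(target, (None, None))
            if rtype == "CNAME":
                target = value                 # keep following the alias chain
                continue
            if rtype is None:                  # target is not in this zone's data
                findings[name] = f"unverified:{target}"
            elif rtype == "A" and ipaddress.ip_address(value) not in owned:
                findings[name] = f"dangling:{value}"
            break
        else:
            findings[name] = "cname-loop"
    return findings

if __name__ == "__main__":
    for host, issue in audit(parse_zone(ZONE), OWNED).items():
        print(host, issue)
```

Names reported as `dangling` point at an address outside the inventory and should be deleted or repointed; `unverified` names alias a host outside the zone and need a separate ownership check.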